I have a problem with the Facebook SDK. I keep getting the following error:
CSRF state token does not match one provided
I don't have any RewriteRule, as was suggested before, so that's not the problem. I changed the getCode() function to the following in order to find out where the problem is:
    protected function getCode() {
        if (isset($_REQUEST['code'])) {
            if ($this->state !== null &&
                isset($_REQUEST['state']) &&
                $this->state === $_REQUEST['state']) {
                // CSRF state has done its job, so clear it
                $this->state = null;
                $this->clearPersistentData('state');
                return $_REQUEST['code'];
            } else {
                // Debugging aid: record which part of the state check failed
                $add = "";
                if ($this->state == null)
                    $add .= " State is null";
                if (!isset($_REQUEST['state']))
                    $add .= " State is not set";
                if ($this->state !== $_REQUEST['state'])
                    $add .= " States are not that same";
                self::errorLog('CSRF state token does not match one provided. problem:' . $add);
                return false;
            }
        }
        // No authorization code in the request
        return false;
    }
After I rerun the login script, I now get the following error:
CSRF state token does not match one provided. problem: State is null States are not that same
Does anyone know how to fix this?
Thanks
My problem was solved by making sure that the domain I send the request from is the same as the one I get the answer back on. In other words, www.website.com is different from website.com.
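
Why a host mismatch shows up as "State is null", as an added example that is not part of the original posts or the SDK: it assumes the state is kept in the PHP session and that the session cookie is host-only (PHP's default), so website.com and www.website.com each get their own session. CANONICAL_HOST, canonicalRedirect, issueState and verifyState are hypothetical names, and the session data is constructed.

```php
<?php
// Added example, not Facebook SDK code. All names below are hypothetical.
const CANONICAL_HOST = 'www.website.com'; // assumption: the host used for the OAuth redirect

// Returns the canonical URL when the request came in on another host, else null.
function canonicalRedirect(array $server): ?string
{
    $host = strtolower(preg_replace('/:\d+$/', '', $server['HTTP_HOST'] ?? ''));
    if ($host === CANONICAL_HOST) {
        return null;
    }
    $uri = $server['REQUEST_URI'] ?? '/';
    if ($uri === '' || $uri[0] !== '/') {
        $uri = '/'; // only same-site paths are carried over
    }
    return 'https://' . CANONICAL_HOST . $uri;
}

// Store a fresh random state in the session before sending the user to the provider.
function issueState(array &$session): string
{
    return $session['oauth_state'] = bin2hex(random_bytes(16));
}

// Check the returned state against the session copy, which is consumed either way.
function verifyState(array &$session, array $request): bool
{
    $expected = $session['oauth_state'] ?? null;
    unset($session['oauth_state']);
    $given = $request['state'] ?? null;
    return is_string($expected) && is_string($given) && hash_equals($expected, $given);
}

// Constructed demo: one session array per host, as the browser keeps one cookie per host.
$sessions = ['website.com' => [], 'www.website.com' => []];

// Login starts on the bare domain, callback arrives on the www host.
$state = issueState($sessions['website.com']);
var_dump(verifyState($sessions['www.website.com'], ['state' => $state]));

// With the redirect applied first, both steps share the www session.
var_dump(canonicalRedirect(['HTTP_HOST' => 'website.com', 'REQUEST_URI' => '/login.php']));
$state = issueState($sessions['www.website.com']);
var_dump(verifyState($sessions['www.website.com'], ['state' => $state]));
```

In a real page the redirect would be issued with `header('Location: ...')` before the session is started, so the login and the callback always run on the same host.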