CSRF attack suspected

Mehr
3 Jahre 5 Monate her #104927 von cmerasys
cmerasys erstellte das Thema CSRF attack suspected
Hello,

we're using LimeSurvey for a while and have now an issue.
It's not possible to edit some answers of a question.

It always displays:

Security alert: Someone may be trying to use your LimeSurvey session (CSRF attack suspected). If you just clicked on a malicious link, please report this to your system administrator. Also the problem can occur when your are working/editing in LimeSurvey in several browsers/tabs at the same time.


Facts are:
1) Our limesurvey installation is accessed by https, so I would say it's unlikely to have a real CSRF attack
2) Two users with different accounts work simutanouesly on a survey.
3) But even if they log out and I as a third person try to edit the respective question, I'll get this error
4) The answers are numbers (ages) - 54 different ones. The last one is, depending on the language, something with more text or e.g. "71+"

We're running Version 1.91+ Build 120302.
Would be great if somebody of you could help.

Thanks in advance!

Best regards,
Christian

Bitte Anmelden um der Konversation beizutretten.

Mehr
3 Jahre 5 Monate her #105027 von cmerasys
cmerasys antwortete auf das Thema: CSRF attack suspected
Problem solved.

We decided to make an update and thought this would fix the problem.
We updated to version Version 2.05+ Build 140212.

The problem still occured.
We could fix it then by

1) Deleting cookies & caches on the browsers used
2) Setting the number of max_input_vars in the php.ini to a high value. This is necessary because if you have a lot of answers in a lot of languages, this max value might be reached, because all answers of each language will be loaded into one form - eventhough only one language is being displayed at a time.

#2 definately fixed the problem.

Bitte Anmelden um der Konversation beizutretten.

Haben Sie schon bei unserer Kundenumfrage mitgemacht?

Verpassen Sie nicht Ihre Chance auf tolle Preise.

Klicken sie hier um teilzunehmen:

Jetzt starten

Jetzt loslegen!

Melden Sie sich jetzt an, und erstellen Sie in wenigen Minuten Ihre erste Umfrage.

Account einrichten