19285: Add again "Allow usage of session and Csrf Validation in iFrame"

This bug affects 2 person(s).

ID	Project	Category	View Status	Date Submitted	Last Update

19285	Bug reports	Documentation	public	2023-11-28 08:11	2024-06-13 12:20

Reporter	DenisChenu	Assigned To
Priority	none	Severity	minor
Status	new	Resolution	open
Product Version	6.3.x

Summary	19285: Add again "Allow usage of session and Csrf Validation in iFrame"
Description	Previously : we have «Allow usage of session and Csrf Validation in iFrame» tested and working solution (tested on firefox+ chrome + edge) It wrok : why deleted ?
Steps To Reproduce	Steps to reproduce Follow https://manual.limesurvey.org/index.php?title=Optional_settings&oldid=176241#Allow_usage_of_session_and_Csrf_Validation_in_iFrame Expected result It don't work according to coment Actual result It work
Tags	No tags attached.

Bug heat	10
Complete LimeSurvey version number (& build)	6 and previous
I will donate to the project if issue is resolved	No
Browser	firefox or chrome
Database type & version	not relevant
Server OS (if known)	not relevant
Webserver software & version (if known)	not relevant
PHP Version	not relevant

User List	There are no users monitoring this issue.

DenisChenu 2023-11-28 08:12 developer ~78754	Tested on https://www.sondages.pro/iframe/ (please confirm : i like to disable iframe on this demo)

DenisChenu 2023-11-28 08:36 developer ~78755	tested on Edge 119.0.2151.72 / windows Firefox 115.4.0esr (64 bits) / linux (with https://support.mozilla.org/fr/kb/protection-renforcee-contre-pistage-firefox-ordinateur at strict + ublock + privacybadger) Version 119.0.6045.123 (Official Build) built on Debian 12.2, running on Debian 12.2 (64-bit) There are settings where user can not access Chrome : incognito mode OR disable third party cookies

Mazi 2024-06-13 11:41 updater ~80306	Is this a feature/setting that got silently removed?

DenisChenu 2024-06-13 12:20 developer ~80318	Manual update, yo still have IFrame embedding allowed: but it don't work ouit of the box you need to ,updfate config.php too (manualy) for sameSite setting for cookies

Date Modified	Username	Field	Change
2023-11-28 08:11	DenisChenu	New Issue
2023-11-28 08:12	DenisChenu	Note Added: 78754
2023-11-28 08:12	DenisChenu	Bug heat	0 => 2
2023-11-28 08:36	DenisChenu	Note Added: 78755
2024-06-13 11:41	Mazi	Note Added: 80306
2024-06-13 11:41	Mazi	Bug heat	2 => 10
2024-06-13 12:20	DenisChenu	Note Added: 80318