Facebook SDK returned an error: Cross-site request forgery validation failed. Required param "state" missing.

If you get this error when using Facebook login

Facebook SDK returned an error: Cross-site request forgery validation failed. Required param "state" missing.

Add the following to functions.php in the child theme:

add_action('init', function() {
    session_start();
    if ( isset( $_GET['state'] ) ) {
        $_SESSION['FBRLH_state']=sanitize_text_field($_GET['state']);
    }
});

NOTE: this situation is specific to domain setup (if the domain url can be accessed in different ways (ex: with www, without www, with http and with htpps) facebook considers the url doesn’t pass validation. This code helps only in this situation, that is why it must be added only in case you get this error.

Related Articles