CSRF state token does not match one provided FB PHP SDK 3.1.1 Oauth 2.0

Question

My server logs show a \"CSRF state token does not match one provided\" error which seems to happen for almost every user. However, the users are created and/or authenticated

Answer 1

I had the same problem in my local machine and the problem turned out to be that my hosts file was blocking communication with Verisign, so the URL Facebook tries to communicate with (http://crl.verisign.com/pca3.crl) never worked (state: 404).

Commenting out the various Verisign IP addresses from my hosts file did the trick!