It’s working pretty well. However, in a few random cases, it fails giving an error 400: Bad RequestBad Request; The CSRF token could not be verified; The request coult not be understood by the surver due to malformed syntax.
It’s been reported before, as there are many reasons why this could happen. In some cases, refreshing the page fixes the problem. But some users keep having the same issue even from different devices.
If you have recieved a “CSRF Token” error in LimeSurvey you may need to set “LTI Launch Target” to “New Window” in OpenEdX to overcome this.
I work a lot with PHP and had a fast look at the code, LimeSurvey is based on a prehistoric version of Yii, saw some rather complex / cryptic way to handle CSRF, using cookies. In modern browsers like Chrome a lot has been changed regarding to cookies, maybe the problem is hiding there somewhere.