@klaus6 said in Invalid CSRF Token, again:
Could this strange behavior be related to this recent addition to NodeBB, maybe? Any other idea?
Probably, yes. That said, it is exceeding difficult to debug because it just doesn't reproduce for the majority of users.
You're the first I've heard reporting this issue, so I'd need to know what's special about your users, how many are affected, etc.
Perhaps it is related to long-lived browser windows... if in a different tab they've logged out and back in, then the CSRF token is indeed expired. That would cause the error you see.