Csrf token is not always set on beta.thalia.nu
The CSRF token for the beta site is not always set, resulting in a 403 for requests that require a CSRF token.
The CSRF token is not set on every page, possibly only on the login page.
The CSRF token is set on every page.
Steps to reproduce
- Clear cookies for thalia.nu or start an incognito browser session.
- Visit beta.thalia.nu
- Click the flag in the top right to change the language.
This will result in a 403.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information