What are we supposed to do when our users call in and say they're seeing the CSRF failure page? The error message says to contact the server administrator...
For your protection, access to this resource is secured against CSRF. If you see this, you probably didn't log out before leaving the web application. Human interaction is now required to continue. Please contact your server-administrator.
Is there a way to turn the CSRF protection off? Or at least a way to reset it when it goes stupid? I'm ready to human interaction.