Sometimes there you are, just working away, minding your own business, hard at it, usually on a BIG task, and all of a sudden, there it is!
What is that anyway? And why does it only seem to happen when you've been working so long on something?
You're not alone, L2L Friend. A CSRF Error message, usually something like, "CSRF Verification Failed." or, "Forbidden (403)" [super scary], or "CSRF Token Error" can happen to any of us. And it always happens when you've been plugging away, seemingly non-stop.
Although you may encounter this CSRF error while working in L2L, this error message is actually created by your browser rather than by Leading2Lean.
A CSRF error message indicates that either a session was started and has been active, or worse yet, inactive, for more than 24 hours, or more than one user id was detected by your browser.
For example, if you are logged into your computer, and you want to show someone how to do something, if you open another window (tab) with that user's credentials, your browser will think the other person is still working even after you 'close' that session. This happens frequently during Training. We'll come back to that "Close that session" part in a minute.
This will happen with any browser and any session initiated online. There are a couple of ways around this. If your network allows you to open an incognito window, you can have simultaneous sessions going for more than one user. Many company firewalls do not allow access to the Incognito Window (which is located under the three stacked dots on the upper right hand corner of your browser bar, aka hamburger menu) so this may not be an option for you.
Another way to avoid this CSRF Error is to make sure you completely log out of L2L or any extended, ongoing Internet session at least once every 24 hours. Often times people never completely log out of their session and never actually shut down their computer. This is especially common when using shared, community computers. On shared, community computers, this error message can be triggered if the previous user just " X'ed " out of the window rather than actually fully logging out of their active session.
When your session is finished, it is important to 'LOGOUT' of L2L or any Internet session. Just clicking the " X " in the tab doesn't log you out. It just ends the session. Many websites, including financial institutions, recommend that you take logging out a step further by also closing your browser after logging out of your session.
URLs and website data are temporarily stored in your browser, so not logging out / shutting down periodically causes memory caching issues. This is also browser related and not unique to L2L.
So, follow the steps above and avoid this hideous error message. Forever. The End.