TABLE OF CONTENTS


DAKboard is continuously improving our services and security for your accounts. One of our updates was the addition of the Cross-Site Request Forgery or CSRF Tokens to our login and account update requests. These security measures were added to protect your credential and subscription submissions from being tampered with externally. This article is to let you know what to do when you receive a CSRF error.


CSRF Error:

The CSRF error can occur for a few reasons. The first is if you are blocking cookies on our site. Cookies are needed to generate the token. The second is if the token has expired. We automatically expire these tokens after a set amount of time to prevent unwanted access to your account. Finally, the error can be generated if your browser is holding on to the old token rather than releasing it when it expires. This can sometimes be caused by browser extensions holding on to this information.


How to Fix the Error:

Almost every cause of this failure can be resolved by simply refreshing your browser. A refresh of your browser will regenerate the cookies and the CSRF token for you. You can quickly refresh your Browser by clicking SHIFT+R on your Keyboard (or Command+R on your Mac Keyboard), pressing F5, or clicking the refresh symbol on your browser tab.


On rare occasions refreshing will not be enough. In these cases, you can try clearing the cache on your browser to completely remove the old token and outdated cookies. You can quickly refresh your Browser by clicking CTRL+SHIFT+R on your Keyboard (or Option+Command+R on your Mac Keyboard) or clearing your cache from your browser's settings page. If you clear your cache you may need to log out and back in to recreate the token.


If neither of these options works, you may have a Browser Extension, a Security Suite add-on like a pop-up/ad blocker enabled, or you have disabled cookies in your browser settings preventing the creation of the CSRF token. You can check this by disabling these additional features or by logging into your account from an Incognito Browser, as this will turn off your extensions for you.