Please Explain "CSRF Failed"


When I try to challenge one of the Bot Group bots (Kugutsu, GnuGo, etc.), using the latest Firefox, I get the following message: “CSRF Failed: CSRF token missing or incorrect.” This is true whether I click on the bot’s name in the search or in the Bot Group. What does that message mean? However, I can challenge them when using Explorer, so is this a browser issue? I prefer Firefox, which has greater functionality on the site. Is there any remedy?

(Resolved) Home page breakage? CANT LOG IN after clearing cookies
CSRF Failure when trying to go on vacation

I suggested to reopen this issue on Github

Although if you have an update on the problem, feel free to add it here.


Hi Conrad,

Can you try logging out and logging back in?


I tried that, but it didn’t work. I didn’t put this on Github because it occurs only with Firefox, not with Explorer. and therefore didn’t seem to be a site problem per se. Also, I wanted to hear whether anyone else had this problem, and I wanted to learn what CSRF meant. I have the latest Firefox (5.1, or something like that).


UPDATE: This came up in another thread and @anoek suggested a solution that worked for me: opening a private window and logging in from that.


So, what the private browsing mode test does is to quickly check to see if it is likely an add-on / extension that you have installed that is causing the problem, since when you’re in private browsing mode most addons / extensions are disabled.

To figure out which is causing your problem, you can walk down the list and disable them in turn until it works, then figure out if you want to just live with the pain or uninstall the add-on :slight_smile:

CSRF Failure when trying to go on vacation