CSRF error on account registration through EU store
I was just trying to create an account and was met with a CSRF token error:
I was browsing the EU version of the store where, when you click any of the login/sign up links it actually leads you to a separate page instead of showing a modal dialog (which is what the US store always does). But when you’re on the login page and click Join[1] then it does show a modal. It seems likely that the sign up form is using the CSRF token that actually belongs to the login form, which doesn’t match and hence the backend throws an error.
Logging in through the EU store works fine, the problem only occurs when you try to create a new account through there.
[1] Clicking Join in the EU store actually leads you to the login page and you have to click Join again to actually get the sign up form in a modal dialog. Meaning there’s no way to get the sign up form without going through the login page first.
Is this a good question?