Problem with CSRF Token?

I have a reload loop inside the backend after login combined with serveral of this error exeptions

Exception #1486500872 in line 75 of /var/www/vhosts/xxxx/xxxx_neos_base_distribution_production/releases/7/Data/Temporary/Production/SubContextDogado/Cache/Code/Flow_Object_Classes/Neos_Flow_Security_Authorization_RequestFilter.php: The action could not be executed because you supplied no or the wrong CSRF protection token.

and in the chrome console:

Host.js?bust=7d8ee3b5?23e7233e:1 uncaught at watchReloadState 
 at takeLatest 
 at reloadState 
 SyntaxError: Unexpected token < in JSON at position 0

anyone an idea where to start solving the problem?

Did you try emptying the browser cookies and session storage and login again.

Sometimes an invalid session id is somehow stuck?

Thanks for answer. Clearing the browserdata helps but after a while it’s the same. So i can access my neos only in inkognito browser mode

No, incognito mode is not required. I know this error only on local machines after fetching db content from the server so the system ends up having a session cookie in the browser cache that is not in the db. Never had this on a production machine.

However this loop is definitely a bug we should take care of. Will try to look into this the next weeks.

I could not reproduce this problem. Which version of neos and which version of the neos-ui do you have installed.

Can you provide more informations when exactly this occurs again?

I am using Neos 3.3.23 and Ui 3.6.0. I will try to collect more information, how to reproduce it

That is strange since the 3-x branch of the UI is for Neos 4.x. The current UI version for Neos 3.3 is 2.8.1.

Ok, Problem is solved. It was caused by caching html incl. the tokens.