- Fixed csrf-token cookie not being set on some paths. - Changed RouterException in BaseCsrfVerifier to TokenMismatchException.