Can't add new elements; GraphQL error: Invalid CSRF token

[robertvanlienden]

When using https://github.com/thewebmen/silverstripe-elemental-grid I've experienced some issue where I was unable to create a new element when the CSRF token is invalid.
There is no error in the front-end notifying what's wrong, the block just doesn't get added.

After some little investigation I've found a error in the console;
GraphQL error: Invalid CSRF token.

I've first created a issue under the thewebmen/silverstripe-elemental-grid repository, but today when I was investigating this issue and I found out that this issue also occurs when I only install DNSDesign/silverstripe-elemental WITHOUT the thewebmen/silverstripe-elemental-grid extension/module.

Because of this, I assume that this issue is in this module (or maybe even in 1 of the underlying SilverStripe packages?).
After my investigation, I found out that the console error is thrown inside the following vendor file;
_resources/vendor/silverstripe/admin/client/dist/js/vendor.js.

So; The console error itself comes out of silverstripe/admin. But its triggered by adding a elemental element without a valid CSRF token...

Reproduction steps

For security reasons, CSRF token will get invalidate when you open dev tools (F12) and view the admin in responsive.
So this makes it relative easy to reproduce the issue;

• Go to admin => select a page that uses Elemental
• F12 (dev tools) => Toggle device toolbar (responsive view)
• Add a new row/grid block and see that it won't get added
• Now, the error shows up in the console