FWIW I have indeed done this locally, but I haven't actually run tests against betalabs (although I've gone through a number of the test cases manually on betalabs).

 

My theory is that there is just something wonky with session/cookie handling. Theoretically for every test run, a new browser profile is used so there should not be issues with cookies (are we sure this is working correctly?). The other possibility is that there is something going sideways with whatever is being used for PHP session storage on betalabs. I have *no idea* how this is set up (in prod, we at least used to use memcached to store session data, but dunno if this is still the case or if this is the case for betalabs). Anyways, there could be something wonky there causing token mismatch problems. This seems somewhat unlikely to me because if this were a problem, we would probably experience more issues on betalabs than we have been - but it certainly still seems possible.

Chris mentioned to me earlier that he pinged Coren about this on IRC - any followup yet, Chris?