Open forms cannot be saved after "Relogin" (Security Token errors)
If you have an open form (e.g. editing a content element) and you leave your browser unattended until "session expires", you can relogin with the popup window (or the JS overlay).
After this relogin, if you try to save your work, you will get security token errors.
The CSRF protection token is in a hidden field, and if the session has expired in the meantime, the session data (including the original tokens) are gone, so when saving that form after the relogin won't be able to validate them. Different potential solutions:
a) go through the DOM and manipulate all hidden fields with a token and change them with a new valid token. doable, but will require some work
b) allow "one save without token check" right after the relogin, so that this form can be finally saved, and after that things continue as usual.
(issue imported from #M17383)