diff --git a/app/assets/javascripts/editor/ajax.js b/app/assets/javascripts/editor/ajax.js
index 731b3b12..a3bbf383 100644
--- a/app/assets/javascripts/editor/ajax.js
+++ b/app/assets/javascripts/editor/ajax.js
@@ -12,6 +12,11 @@ CodeOceanEditorAJAX = {
 $.flash.danger({
 text: message.length > 0 ? message : $('#flash').data('message-failure')
 });
+ Sentry.setContext("error",{
+ cookie: document.cookie,
+ response: response.responseText,
+ csrf: $('meta[name="csrf-token"]').attr("content")
+ });
 Sentry.captureException(JSON.stringify(response));
 }
 };
\ No newline at end of file
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 0492d7c7..aeab8b45 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -10,6 +10,7 @@ class ApplicationController < ActionController::Base
 before_action :set_sentry_context, :set_locale, :allow_iframe_requests, :load_embed_options
 protect_from_forgery(with: :exception, prepend: true)
 rescue_from Pundit::NotAuthorizedError, with: :render_not_authorized
+ rescue_from ActionController::InvalidAuthenticityToken, with: :render_csrf_error
 
 def current_user
 ::NewRelic::Agent.add_custom_attributes(external_user_id: session[:external_user_id], session_user_id: session[:user_id])
@@ -32,6 +33,11 @@ class ApplicationController < ActionController::Base
 end
 private :set_sentry_context
 
+ def render_csrf_error
+ render json: {error: 'CSRF validation failed!!', status: :unprocessable_entity, request_cookies: cookies, session_csrf: session['_csrf_token'], request_csrf: request_authenticity_tokens }, status: :unprocessable_entity
+ end
+ private :render_csrf_error
+
 def render_not_authorized
 respond_to do |format|
 format.html do
diff --git a/app/views/layouts/application.html.slim b/app/views/layouts/application.html.slim
index 6328bf8f..6d361f27 100644
--- a/app/views/layouts/application.html.slim
+++ b/app/views/layouts/application.html.slim
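Review bot: The added `Sentry.setContext("error", {...})` block ships the browser's entire cookie jar (`document.cookie`) and the live CSRF token to the error tracker, so session and anti-forgery secrets leave the origin as telemetry on every failed request; the `Sentry.setContext("initial", {...})` block in the application.html.slim hunk does the same unconditionally on page load. `response.responseText` additionally carries whatever the server put in the error body, which in this same commit includes the session's `_csrf_token` and request cookies, so the leak is duplicated. If the aim is to debug token mismatches, record only non-secret indicators, e.g. `csrf_present: !!$('meta[name="csrf-token"]').attr("content")` and `cookie_names: document.cookie.split(';').map(function (c) { return c.split('=')[0].trim(); })`, and remove the raw values before this is merged. Separately, `Sentry.captureException` is handed a string rather than an Error, so the event carries no stack trace; `Sentry.captureMessage` is the matching API for string payloads.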
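Review bot: `render_csrf_error` returns `cookies`, `session['_csrf_token']` and `request_authenticity_tokens` in the response body, so a request that has just failed forgery validation is answered with the exact server-side token it lacked plus every cookie the client sent; that disclosure undoes the protection `protect_from_forgery(with: :exception, prepend: true)` is there to provide. Keep these values out of the body — if they are needed for diagnosis, write them redacted to the server log or to the Sentry scope that `set_sentry_context` already populates — and return only the generic message: `render json: {error: 'CSRF validation failed'}, status: :unprocessable_entity`. The handler also answers every request format with JSON, unlike `render_not_authorized`, which branches with `respond_to`, so a plain HTML form submission will receive a JSON blob. Note too that `status: :unprocessable_entity` inside the hash serialises as the string `"unprocessable_entity"` rather than `422`, which is unlikely to be what a client checks.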
@@ -27,6 +27,10 @@ html lang="#{I18n.locale || I18n.default_locale}"
 | release: "#{Sentry.configuration.release}",
 | environment: "#{Sentry.configuration.environment}",
 | });
+ | Sentry.setContext("initial",{
+ | cookie: document.cookie,
+ | csrf: $('meta[name="csrf-token"]').attr("content")
+ | });
 - if @current_user
 | Sentry.configureScope(function(scope) {
 | scope.setUser({
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index bdaed01f..54561c5e 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -1,3 +1,3 @@
 # Be sure to restart your server when you modify this file.
 
-Rails.application.config.session_store :cookie_store, key: '_code_ocean_session'
+Rails.application.config.session_store :cookie_store, key: '_code_ocean_session', httponly: false
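Review bot: `httponly: false` strips the HttpOnly flag from `_code_ocean_session`, making the session cookie readable from page scripts via `document.cookie`; with the cookie store that means the whole session payload, including the `_csrf_token` the controller hunk reads, becomes reachable by any script that runs on the page, and HttpOnly is the primary mitigation against session theft through script injection. The only consumer of the readable cookie in this commit is the Sentry debugging context, so this line should be reverted rather than shipped: `Rails.application.config.session_store :cookie_store, key: '_code_ocean_session'` (HttpOnly is the Rails default for the session cookie). If the cookie genuinely has to be inspected for a short debugging window, gate the flag on a non-production environment check instead of changing the default for every deployment.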