CSRF errors triggering logout if "Enable notifications" is set. #8
Description
Hello, I and a number of other people are getting logged out of diaspora when using this, but it seems if I disable notifications, this issue goes away. The email from diaspora is as follows:
diaspora* has detected an attempt to access your session which might be unauthorised. To avoid any chance of your data being compromised, you have been signed out. Don’t worry; you can safely sign in again now.
A request has been made using an incorrect or missing CSRF token. This might be completely innocent, but it could be a cross-site request forgery (CSRF) attack.
This could have been caused by:
An add-on manipulating the request or making requests without the token;
A tab left open from a past session;
Another website making requests, with or without your permission;
Various other external tools;
Malicious code trying to access your data.
For more information on CSRF see https://www.owasp.org/index.php/Cross-SiteRequestForgery_(CSRF). If you see this message repeatedly, please check the points above, including any browser add-ons.
Thank you, The diaspora* email robot!
Since disabling "Enable notifications" I haven't been logged out.