This issue was moved to a discussion.

CSRF Guard 4.1.3 - Invalid session error when used with apache and weblogic server, particularly only on Browser Edge in IE 11 Mode #116

Closed
vikrantvij1 opened this issue Jul 29, 2022 · 0 comments

vikrantvij1 commented Jul 29, 2022

We have recently migrated to CSRF 4.1.3 from the older version 3.1.0. After implementing this, we have started facing an error specifically on the Edge browser in IE-11 mode.

We are using an Apache server beneath a WebLogic server. We are not able to figure out the real root cause, but reverting CSRF Guard to the older version 3.1.0 fixed this.

Important note: it is happening through a third-party application's interaction with our application, and the third-party application is using an IFRAME. We only have this issue in Edge in IE-11 mode; it works on all other browsers. Moreover, on the first request everything looks fine and our application page loads in the IFRAME. But on the second request, the cookie which the browser sent does not match the server session ID, as the cookie sent by the browser on the second request is different from the initial one, which results in an invalid session error. Nevertheless, reverting to the older CSRF Guard fixes everything.

A few questions that strike my mind here are:

Does CSRF Guard 4.1.3 have support for IE-11 or Edge in IE-11 mode?
Is there any property to handle this in CSRF Guard?
Is this happening due to the Apache server configuration? That should not be the case, because the older version is working fine on the same Apache.
Any other possibility or suggestion?
We would love to hear back on this and will definitely appreciate any kind of help or suggestions.

vikrantvij1 changed the title from "CSRF Guard 4.1.13 forcing session timeout when used with apache and weblogic server, particularly on Browser Edge in IE 11 Mode" to "CSRF Guard 4.1.13 forcing Invalid session when used with apache and weblogic server, particularly on Browser Edge in IE 11 Mode" on Jul 29, 2022
vikrantvij1 changed the title from "CSRF Guard 4.1.13 forcing Invalid session when used with apache and weblogic server, particularly on Browser Edge in IE 11 Mode" to "CSRF Guard 4.1.13 - Invalid session error when used with apache and weblogic server, particularly only on Browser Edge in IE 11 Mode" on Jul 29, 2022
vikrantvij1 changed the title from "CSRF Guard 4.1.13 - Invalid session error when used with apache and weblogic server, particularly only on Browser Edge in IE 11 Mode" to "CSRF Guard 4.1.3 - Invalid session error when used with apache and weblogic server, particularly only on Browser Edge in IE 11 Mode" on Jul 29, 2022
OWASP locked and limited conversation to collaborators on Aug 22, 2022
forgedhallpass converted this issue into discussion #122 on Aug 22, 2022
