If the token isn't Lax, if a user visits certain pages on TASVideos from outside (like a google link), the server would refresh your token, which would invalidate all old tabs' tokens, which gives a 400 Error when submitted.
This way the token will not be refreshed so easily.
And there is no need to make the token Strict anyway, because the token in the HTML is the critical point of safety.
If the token isn't Lax, if a user visits certain pages on TASVideos from outside (like a google link), the server would refresh your token, which would invalidate all old tabs' tokens, which gives a 400 Error when submitted.
This way the token will not be refreshed so easily. And there is no need to make the token Strict anyway, because the token in the HTML is the critical point of safety.