Our three distinct Shopware 5.2.x installations producing following error, but not always. Mostly with user registration page. Each installation has our own custom plugin.
exception 'Shopware\Components\CSRFTokenValidationException' with message 'The provided X-CSRF-Token for path "/checkout/saveShippingPayment/sTarget/checkout/sTargetAction/index" is invalid. Please go back, reload the page and try again.' in /engine/Shopware/Components/CSRFTokenValidator.php:161
What would be the reason & solution for it other than disabling CSRF protection from config ?
As you're saying that the exception is not thrown always, my best guess is that the CSRF validation sometimes fails because of session timeouts. I don't know how frequently your Shopware installations run into this situation. My test environment produces this error 1-2 times per day. If you think it happens too often, you might try to increase the php session lifetime -> session.gc_maxlifetime – The default value is 1440 (seconds)
You might also want to check and eventually consider an update. There have been several commits that improve CSRF protection handling in the official repository (e.g. https://git.io/vDxrV)
There are also known issues with Google Integration and PayPal-Plus, try updating if you are using them... (Hint is from here, german: https://synonymous.rocks/shopware-5-2-csrf-token-is-invalid/)
If you need further assistance please provide more details, e.g.: