Change org.owasp.csrfguard.TokenName to not use underscore by default and change org.owasp.csrfguard.TokenLength to be minimum at 128.
The current org.owasp.csrfguard.TokenName contains underscores, which causes issues with Amazon Load Balancer as it does not support that character. Additionally, it is uncommon to have an underscore in HTTP headers based on the RFC9110 documentat...