We are also loading images, (like favicon.ico), these will also redirect to index.php. Side effect, this causes the CSRF to be regenerated in the session.