diff --git a/jupyter-openbis-extension/static/common.js b/jupyter-openbis-extension/static/common.js
index 41f42fdba90ec6f3205e0f169f00a893e65ca722..15280a1e178c749e5e17292270e226bd061452ca 100644
--- a/jupyter-openbis-extension/static/common.js
+++ b/jupyter-openbis-extension/static/common.js
@@ -23,8 +23,25 @@ define([
             nb_container.prepend(feedbackBox)
         }
 
+        function getCookie(cname) {
+            var name = cname + "=";
+            var decodedCookie = decodeURIComponent(document.cookie);
+            var ca = decodedCookie.split(';');
+            for(var i = 0; i <ca.length; i++) {
+                var c = ca[i];
+                while (c.charAt(0) === ' ') {
+                    c = c.substring(1);
+                }
+                if (c.indexOf(name) === 0) {
+                    return c.substring(name.length, c.length);
+                }
+            }
+            return "";
+        }
+
         return {
-            createFeedback: createFeedback
+            createFeedback: createFeedback,
+            getCookie: getCookie
         }
     }
 )
\ No newline at end of file
diff --git a/jupyter-openbis-extension/static/connections.js b/jupyter-openbis-extension/static/connections.js
index 1f5972cf8f4f83b06d944796970186bba9982853..6f856fb59e5a0041a65ddd268c20f70910314d1a 100644
--- a/jupyter-openbis-extension/static/connections.js
+++ b/jupyter-openbis-extension/static/connections.js
@@ -1,7 +1,8 @@
 define([
-        "base/js/utils"
+        "base/js/utils",
+        "./common"
     ],
-    function (utils) {
+    function (utils, common) {
 
         function list(env) {
 
@@ -16,6 +17,7 @@ define([
             return utils.ajax(settings)
         }
 
+
         function connect(env, connection, username, password) {
             var url = env.notebook.base_url + 'openbis/conn/' + connection
             body = {
@@ -23,14 +25,12 @@ define([
                 "password": password
             }
 
-            var cookie = decodeURIComponent(document.cookie)
-            var xsrf_token = cookie.split("_xsrf=")[1]
-
+            var xsrf_token = common.getCookie('_xsrf')
             return fetch(url, {
                 method: "PUT",
                 headers: {
                     "Content-Type": "application/json",
-                    "X-XSRFToken": xsrf_token,
+                    "X-XSRFToken": xsrf_token
                 },
                 body: JSON.stringify(body)
             })
@@ -52,7 +52,7 @@ define([
                 method: "POST",
                 headers: {
                     "Content-Type": "application/json",
-                    "X-XSRFToken": xsrf_token,
+                    //"X-XSRFToken": xsrf_token,
                 },
                 body: JSON.stringify(body)
             })