In c63ea5428e2f780f7bc27eb13e05e2445abed803 and related changes, the html output is hardcoded with a token parameter.
- The main interface that hooks into these links (mediawiki.page.patrol in MediaWiki core) ignores any token query parameter. It uses mediawiki.api (populated by mw.user.tokens) instead.
You can simply remove these tokens and core will handle it from there. The patrol action in core currently still supports passing it by GET, but this will be removed in a few weeks.