The hard-coded, non-authenticated edit token, +\, will go away soon, see T40417.
The apps should always request an edit token before sending the edit request, even when not logged in. The Android app has this done for description editing but not yet for page editing.