CSRF protection in Dash

Hi, I’m wondering how to implement CSRF protection in my Dash app. I’m currently using flask_wtf.csrf to initialize the flask server that my app is built on top of. However, my pages do not load and I get the error that I am missing the csrf protection token.

How can I ensure that my Dash app is protected against CSRF?

Hello @danM,

Welcome to the community!

Since you are using flask-wtf, check out here of how you can have the requests automatically come through:


Pay attention to the jquery part of it, as this would allow the site to work. My guess is that the easiest way to do this would be to adjust the overall template.

@danM did you get it working? @jinnyzor are you suggesting to modify the Dash template, or what template are you referring to? :slight_smile:

EDIT: Reading this issue, it seems CSRF is a non-issue in a Dash context,

I was recommending it, since he was using the add on of flask-wtf.

I haven’t looked much further into it since then. :blush: