CSRF protection in Dash

Hi, I’m wondering how to implement CSRF protection in my Dash app. I’m currently using flask_wtf.csrf to initialize the flask server that my app is built on top of. However, my pages do not load and I get the error that I am missing the csrf protection token.

How can I ensure that my Dash app is protected against CSRF?

Hello @danM,

Welcome to the community!

Since you are using flask-wtf, check out here of how you can have the requests automatically come through:

https://flask-wtf.readthedocs.io/en/0.15.x/csrf/

Pay attention to the jquery part of it, as this would allow the site to work. My guess is that the easiest way to do this would be to adjust the overall template.