Issue
I get “AxiosError: Request failed with status code 403” when trying to upload a file.
Environment
Location: Azure App Service (works fine locally)
Python version: 3.10
Streamlit version: 1.36.0, also tested with 1.35.0
Other packages:
- openpyxl
- streamlit-msal
- XlsxWriter
- adlfs
- requests
What I have tried
As discussed in multiple similar questions on the forum, the error disappears after disabling CORS and XSRF protection with server.enableCORS=false and enableXsrfProtection=false.
Fix for this was also discussed here App is not loading when running remotely - Streamlit Docs
I’ve set these values and confirmed that they are set:
browser.serverAddress = my-app.azurewebsites.net
browser.serverPort = 443
server.cookieSecret = secret string
as well as set STREAMLIT_SERVER_COOKIE_SECRET to be the same secret string just to be sure.
I have also set CORS Allowed Origins in Azure to * to allow everything.
Errors and logs
Error in the UI: AxiosError: Request failed with status code 403
Error in devtools:
PUT https://my-app.azurewebsites.net/_stcore/upload_file/c1e7d04c-98f7-493a-be3e-9334ba9b4bfa/69327788-ad6d-4fff-8cc2-a91bbd6bd951 403 (Forbidden)
Logs from app with log level set to debug:
Received the following back message:
file_urls_request {
request_id: "f3600bc2-bfef-48c6-b5a9-901021c89f3b"
file_names: "filename.xlsx"
session_id: "c1e7d04c-98f7-493a-be3e-9334ba9b4bfa"
}
Code that produces the problem
import streamlit as st
test_upload = st.file_uploader("Test upload", type="xlsx")
Further information about the application
Internal application so I can’t share a link or repository.
See the code snippet above.
The application works fine on localhost and I can’t replicate the issue outside of the Azure environment.
All connections are set to use HTTPS and the domain and certificate are handled automatically by Azure.
Deployed to Azure using the ARM template here: Deploying Streamlit Applications with Azure App Services – Ben Alex Keen
Tested with vanilla Edge with no plugins or anything.