Azure server.enableXsrfProtection + Streamlit App

Hi everyone,

I just deployed a Streamlit App in Azure. This App needs to have authentication enabled which was already setup. (So far so good :slight_smile: )

Because of the authentication I had some problems with st.file_uploader. (403 Error). After investigating and reading posts such as this one I was able to find a solution:

https://discuss.streamlit.io/t/deployment-on-azure-appservice-ad-authentication-enabled-st-file-uploader-403-forbidden/5839

The solution:
server.enableXsrfProtection=false

Nevertheless by setting the XsrfProtection to False; wouldn’t this be a big security risk? Since I am not security specialist I would like to have some community thoughts and/or experiences within this topic.

Thanks in advance!