I’m a DevOps engineer working with AWS cloud, and I’m following a project where I need to deploy a Streamlit application on Internet through AWS.
We got the error: “Error: Request failed with status code 403” after uploading a file through the file_uploader. It turns out that the error was the Application Load Balancer in front of the server hosting Streamlit. The Application Load Balancer was protected by Web Application Firewall rules, and one of these blocks all the packets that has a body larger than 8 KB (typical of file upload). The name of the AWS WAF rule was SizeRestrictions_BODY.
By disabling this rule, everything worked fine. Don’t know if this can be helpful for whoever has issues in exposing Streamlit from cloud environments.
Do you have anything between your app and the users on Azure?
Try turning off XSRF protection by adding:
[server]
enableXsrfProtection = false
to streamlit/config.toml, or --server.enableXsrfProtection=false to the run command. Note that this is not really a recommended long-term / production use; I figure I am safe enough just by having an AD authentication requirement and a small & trusted user pool.
Here are some other topics on the problem, including my own. I have not been able to get a satisfying solution yet:
I have a low-confidence suspicion that this is caused by the _xsrf token not getting through. I opened up an issue here but I might be way off my base as webdev stuff is not my forte.
