apache · dpgaspar · Nov 14, 2023 · Nov 7, 2023 · Nov 7, 2023 · Nov 7, 2023
diff --git a/superset-frontend/src/setup/setupClient.ts b/superset-frontend/src/setup/setupClient.ts
@@ -18,13 +18,18 @@
  */
 import { SupersetClient, logging, ClientConfig } from '@superset-ui/core';
 import parseCookie from 'src/utils/parseCookie';
+import getBootstrapData from 'src/utils/getBootstrapData';
+
+const bootstrapData = getBootstrapData();
 
 function getDefaultConfiguration(): ClientConfig {
   const csrfNode = document.querySelector<HTMLInputElement>('#csrf_token');
   const csrfToken = csrfNode?.value;
 
   // when using flask-jwt-extended csrf is set in cookies
-  const cookieCSRFToken = parseCookie().csrf_access_token || '';
+  const JWTAccessCSRFCookieName =
+    bootstrapData.common.conf.JWT_ACCESS_CSRF_COOKIE_NAME;
+  const cookieCSRFToken = parseCookie()[JWTAccessCSRFCookieName] || '';
 
   return {
     protocol: ['http:', 'https:'].includes(window?.location?.protocol)

diff --git a/superset/views/base.py b/superset/views/base.py
@@ -120,6 +120,7 @@
     "ALERT_REPORTS_DEFAULT_WORKING_TIMEOUT",
     "NATIVE_FILTER_DEFAULT_ROW_LIMIT",
     "PREVENT_UNSAFE_DEFAULT_URLS_ON_DATASET",
+    "JWT_ACCESS_CSRF_COOKIE_NAME",
 )
 
 logger = logging.getLogger(__name__)