Gibbs Consulting

There is also #230 which highlights the need for better documentation also

From [urls.py](https://github.com/GibbsConsulting/django-plotly-dash/blob/master/django_plotly_dash/urls.py) the POST calls to update the component are tagged as ``csrf_exempt``. DPD is following Dash in this regard - it seems from [this issue](https://github.com/plotly/dash/issues/141) that Dash has decided...

From [this](https://docs.djangoproject.com/en/2.1/ref/csrf/) I'm wondering if something along the lines of the following might work: * Use the Django CSRF framework as a base * In place of a hidden form...

I think that the token can only be generated when the app is first rendered - otherwise there is not enough ordering between token generation and use. It does limit...

Can you insert the script using the `app.get_asset_url` function and the [local assets](https://django-plotly-dash.readthedocs.io/en/latest/local_assets.html#local-assets) functionality? Note that this requires the staticfiles finders to be configured.

@sdementen can this issue now be closed?

Just trying to work through your last statement. Is the environment constant between the different situations? In particular, when you run with '--nostatic' is that with the same environment and...

Sorry, missed the obvious here. For the debug environment, you'll need the --nostatic flag to work with channels. See for example the flags in the [demo script](https://github.com/GibbsConsulting/django-plotly-dash/blob/master/prepare_demo) In production, you'll...

@fmhr I suspect that this is historical baggage. What happens if you forcibly upgrade the version of django-bootstrap-components? This is not a long-term fix but it would be interesting to...

Yes, it used to be part of channels but got removed, and it looks like it is not actually included in our setup/packaging script at the moment (created #369 to...