diff --git a/src/khoj/interface/web/config.html b/src/khoj/interface/web/config.html
index ce5854f3..b7f6e48e 100644
--- a/src/khoj/interface/web/config.html
+++ b/src/khoj/interface/web/config.html
@@ -98,8 +98,13 @@
         event.preventDefault();
         configure.disabled = true;
         configure.innerHTML = "Configuring...";
+        const csrfToken = document.cookie.split('; ').find(row => row.startsWith('csrftoken'))?.split('=')[1];
         fetch('/api/update?force=true&client=web', {
             method: 'GET',
+            headers: {
+                'Content-Type': 'application/json',
+                'X-CSRFToken': csrfToken
+            }
         })
         .then(response => response.json())
         .then(data => {
diff --git a/src/khoj/interface/web/content_type_github_input.html b/src/khoj/interface/web/content_type_github_input.html
index 8ab3a91b..fc1c4fce 100644
--- a/src/khoj/interface/web/content_type_github_input.html
+++ b/src/khoj/interface/web/content_type_github_input.html
@@ -79,10 +79,12 @@
         var repo_name = document.getElementById("repo-name").value;
         var repo_branch = document.getElementById("repo-branch").value;
 
+        const csrfToken = document.cookie.split('; ').find(row => row.startsWith('csrftoken'))?.split('=')[1];
         fetch('/api/config/data/content_type/github', {
             method: 'POST',
             headers: {
                 'Content-Type': 'application/json',
+                'X-CSRFToken': csrfToken,
             },
             body: JSON.stringify({
                 "pat_token": pat_token,
diff --git a/src/khoj/interface/web/content_type_input.html b/src/khoj/interface/web/content_type_input.html
index f13f0f14..369a5e51 100644
--- a/src/khoj/interface/web/content_type_input.html
+++ b/src/khoj/interface/web/content_type_input.html
@@ -131,10 +131,12 @@
         var embeddings_file = document.getElementById("embeddings-file").value;
         var index_heading_entries = document.getElementById("index-heading-entries").value;
 
+        const csrfToken = document.cookie.split('; ').find(row => row.startsWith('csrftoken'))?.split('=')[1];
         fetch('/api/config/data/content_type/{{ content_type }}', {
             method: 'POST',
             headers: {
                 'Content-Type': 'application/json',
+                'X-CSRFToken': csrfToken
             },
             body: JSON.stringify({
                 "input_files": input_files,
diff --git a/src/khoj/interface/web/processor_conversation_input.html b/src/khoj/interface/web/processor_conversation_input.html
index 0397bbce..f07b8bba 100644
--- a/src/khoj/interface/web/processor_conversation_input.html
+++ b/src/khoj/interface/web/processor_conversation_input.html
@@ -61,10 +61,12 @@
         var model = document.getElementById("model").value;
         var chat_model = document.getElementById("chat-model").value;
 
+        const csrfToken = document.cookie.split('; ').find(row => row.startsWith('csrftoken'))?.split('=')[1];
         fetch('/api/config/data/processor/conversation', {
             method: 'POST',
             headers: {
                 'Content-Type': 'application/json',
+                'X-CSRFToken': csrfToken
             },
             body: JSON.stringify({
                 "openai_api_key": openai_api_key,