diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 6de00e76..fc40cfe6 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -59,6 +59,7 @@ below.
  - Mel Hall
  - Christopher Bennett
  - Mark Dawson
+ - Min RK
  <!-- end-shortlog -->
 
 (All contributors are identifiable with email addresses in the git version
diff --git a/changes.d/592.fix b/changes.d/592.fix
new file mode 100644
index 00000000..4636b920
--- /dev/null
+++ b/changes.d/592.fix
@@ -0,0 +1 @@
+Compatibility with JupyterHub 4.1 XSRF changes for static requests
\ No newline at end of file
diff --git a/cylc/uiserver/handlers.py b/cylc/uiserver/handlers.py
index daed7a66..c4e50fcc 100644
--- a/cylc/uiserver/handlers.py
+++ b/cylc/uiserver/handlers.py
@@ -184,10 +184,23 @@ class CylcStaticHandler(CylcAppHandler, web.StaticFileHandler):
     def initialize(self, *args, **kwargs):
         return web.StaticFileHandler.initialize(self, *args, **kwargs)
 
+    def check_xsrf_cookie(self):
+        # don't need XSRF protections on static assets
+        return
+
     @web.authenticated
     def get(self, path):
         # authenticate the static handler
         # this provides us with login redirection and token caching
+        if not path:
+            # Request for /index.html
+            # Accessing xsrf_token ensures xsrf cookie is set
+            # to be available for next request to /userprofile
+            self.xsrf_token
+            # Ensure request goes through this method even when cached so
+            # that the xsrf cookie is set on new browser sessions
+            # (doesn't prevent browser storing the response):
+            self.set_header('Cache-Control', 'no-cache')
         return web.StaticFileHandler.get(self, path)