diff --git a/jupyter_tensorboard/handlers.py b/jupyter_tensorboard/handlers.py
index 069983f..300f230 100644
--- a/jupyter_tensorboard/handlers.py
+++ b/jupyter_tensorboard/handlers.py
@@ -91,6 +91,34 @@ def post(self, name, path):
 else:
 raise web.HTTPError(404)
+ def check_xsrf_cookie(self):
+ """Expand xsrf check exception for POST requests.
+
+ Expand xsrf_cookie exceptions, normally only applied to GET and HEAD
+ requests, to POST requests for tensorboard api.
+
+ Provides support for hparams plugin, which uses POST to retrieve
+ experiment information but can't be trivially extended to include xsrf
+ information in these POST requests.
+
+ """
+
+ try:
+ return super(TensorboardHandler, self).check_xsrf_cookie()
+ except web.HTTPError:
+ if self.request.method in {"GET", "POST", "HEAD"}:
+ # Consider Referer a sufficient cross-origin check for GET requests
+ # Extended to post for Tensorboard API
+ if not self.check_referer():
+ referer = self.request.headers.get("Referer")
+ if referer:
+ msg = "Blocking Cross Origin request from {}.".format(referer)
+ else:
+ msg = "Blocking request from unknown origin"
+ raise web.HTTPError(403, msg)
+ else:
+ raise
+
 class TensorboardErrorHandler(IPythonHandler):
 pass
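Review bot: The new `check_xsrf_cookie` override drops the XSRF-token requirement for every POST this handler serves, not only the hparams requests the docstring cites, because the fallback condition is `self.request.method in {"GET", "POST", "HEAD"}` with no test on the request path. A state-changing POST is then protected only by whatever `check_referer()` accepts; that method is defined outside the hunk, so if it honours a permissive allowed-origin setting, the POST path would have no cross-site protection left. I would keep GET and HEAD as they are and admit POST only for the hparams plugin routes, e.g. `if self.request.method in {"GET", "HEAD"} or self._is_hparams_post():`, where `_is_hparams_post` is a suggested helper (not an existing one) that matches the request path against the plugin's route prefix. The inline comment should also state the trust assumption, e.g. `# POST is token-exempt here: Referer is the only CSRF control for these routes`.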