diff --git a/README.md b/README.md
index cbec0dc6e61cbdedbaf1a893e0cd2b5fc522fb32..46327b37ccfa4d15fa3e8c8f674d9256bd83a685 100644
--- a/README.md
+++ b/README.md
@@ -8,25 +8,27 @@ This guide is a help to install the OOD RStudio Server app without requiring PRo
 
 Starting in RStudio Server 1.3###, the developers added environment variables to control the location of those hard-coded files. This means that (in our case at least) PRoot/Singularity is no longer required for the OOD RStudio Server App.
 
+**UPDATES**: We now support RStudio Server 1.4.####. Several code changes are required (branch rstudio-1.4-server). Changes include a new database config file requirement for the rserver command, and a new auth requirement involving a CSRF token. Updated files include `template/script.sh.erb`, `template/before.sh.erb`, `submit.yml.erb`, and `view.html.erb`.
+
 # Setup without PRoot/Singularity
-RStudio Server 1.3.959 enables RStudio OOD app to run without PRoot or Singularity. The developers added two flags for rserver that allow control of previously hard-coded file paths. However, you might still need PRoot or Singularity for some other reason depending on your HPC environment.
+RStudio Server 1.4.1717 enables RStudio OOD app to run without PRoot or Singularity. The developers added two flags for rserver that allow control of previously hard-coded file paths. However, you might still need PRoot or Singularity for some other reason depending on your HPC environment.
 
-## Install RStudio Server 1.3.959 CentOS 6/7
+## Install RStudio Server 1.4.1717 CentOS 7
 The simplest way is to install using the RPM installer provided by RStudio.
 ```
-wget https://download2.rstudio.org/server/centos6/x86_64/rstudio-server-rhel-1.3.959-x86_64.rpm
-sudo yum install rstudio-server-rhel-1.3.959-x86_64.rpm
+wget https://download2.rstudio.org/server/centos7/x86_64/rstudio-server-rhel-1.4.1717-x86_64.rpm
+sudo yum install rstudio-server-rhel-1.4.1717-x86_64.rpm
 ```
 However, many HPC sites like to control installation prefix. The provided RPM is not relocatable, but you can extract the files and move them manually.
 ```
 mkdir ~/rstudio_files && cd ~/rstudio_files
-wget https://download2.rstudio.org/server/centos6/x86_64/rstudio-server-rhel-1.3.959-x86_64.rpm
-rpm2cpio rstudio-1.3.959-x86_64.rpm | cpio -idmv
+wget https://download2.rstudio.org/server/centos7/x86_64/rstudio-server-rhel-1.4.1717-x86_64.rpm
+rpm2cpio rstudio-server-rhel-1.4.1717-x86_64.rpm | cpio -idmv
 ```
 This creates a directory `~/rstudio_files/usr/lib/rstudio-server` that contains the files. Move these files to your shared filesystem.
 ```
-# we use BCM so our shared filesystem for apps is /cm/shared/apps. Modify to suit your needs.
-cp -R ~/rstudio_files/usr/lib/rstudio-server/* /cm/shared/apps/rstudio-server/1.3.959
+# Our shared filesystem for apps is /hpc/apps. Modify to suit your needs.
+cp -R ~/rstudio_files/usr/lib/rstudio-server/* /hpc/apps/rstudio-server/1.4.1717
 ```
 Optionally add a modulefile to load env.
 
@@ -35,8 +37,9 @@ To install the app:
 ```
 cd /var/www/ood/apps/sys 
 git clone https://github.com/mcw-rcc/bc_rcc_rstudio_server.git
+cd bc_rcc_rstudio_server && git checkout rstudio-1.4-updates
 ```
-Modify `manifest.yml`, `form.yml`, and `submit.yml` for your site. The `template/script.sh.erb` should also be modified to suit your site. For instance, we use a modulefile to load RStudio Server, which is specific by site and should be supplied by your site. The `rserver` command in `template/script.sh.erb` contains two new flags that allow 1.3.959 to function in a multi-user environment without PRoot or Singularity.
+Modify `manifest.yml`, `form.yml`, and `submit.yml` for your site. The `template/script.sh.erb` should also be modified to suit your site. For instance, we use a modulefile to load RStudio Server, which is specific by site and should be supplied by your site. The `rserver` command in `template/script.sh.erb` contains two flags that allow 1.3.959 and one additional flag for 1.4.1717 to function in a multi-user environment without PRoot or Singularity.
 ```
 rserver \
   --www-port ${port} \
@@ -46,9 +49,12 @@ rserver \
   --rsession-path "${RSESSION_WRAPPER_FILE}" \
   --server-data-dir "${TMPDIR}" \ 
   --secure-cookie-key-file "${TMPDIR}/rstudio-server/secure-cookie-key"
+  --database-config-file "${DBCONF}"
 ```
 `--server-data-dir "${TMPDIR}"` redirects output of PIDs from /var/run/rstudio-rsession to ${TMPDIR}.
 
 `--secure-cookie-key-file "${TMPDIR}/rstudio-server/secure-cookie-key"` redirects output of secure-cookie-key from /tmp/rstudio-server to $TMPDIR. Necessary to avoid conflict where multiple RStudio Server instances are running and generate same hard-coded file.
 
+`--database-config-file "${DBCONF}"` sets the path for a new database config requirement in 1.4.1717.
+
 Your $TMPDIR location needs to be unique for this to work. We use our queueing system to set a unique $TMPDIR per job. You can also use `export TMPDIR="$(mktemp -d)"` within `template/script.sh.erb`.
diff --git a/form.yml b/form.yml
index 2178341f757677e9c6daee01124d13da14d8a245..848cd10f2859dc3384eabf73897efd616f95f72b 100644
--- a/form.yml
+++ b/form.yml
@@ -1,5 +1,5 @@
 ---
-cluster: "carley"
+cluster: "hpc"
 form:
   - Rserver
   - Rapp
@@ -7,7 +7,7 @@ form:
   - bc_num_hours
   - bc_email_on_started
 attributes:
-  Rserver: "rstudio-server/1.3.959"
+  Rserver: "rstudio-server/1.4.1717"
   bc_num_hours:
     min: 1
     max: 8
@@ -29,5 +29,4 @@ attributes:
     widget: select
     label: "R Version"
     options:
-      - [ "3.5.0", "R/3.5.0" ]
-      - [ "4.0.1", "R/4.0.1" ]
+      - [ "4.0.4", "R/4.0.4" ]
diff --git a/manifest.yml b/manifest.yml
index 0c67c290c9c54c1bac2a537ba15febaa7a95577d..1771b882e77c7448a7122d23b03da2852747b527 100644
--- a/manifest.yml
+++ b/manifest.yml
@@ -1,20 +1,9 @@
 ---
 name: RStudio Server
 category: Interactive Apps
-subcategory: Carley MPI Cluster
 role: batch_connect
 description: |
   This app will launch [RStudio Server], an IDE for [R], on a cluster node.
 
   [RStudio Server]: https://www.rstudio.com/products/rstudio-server/
   [R]: https://www.r-project.org/
-
-  <div class="alert alert-info" >
-    <strong>Recent updates</strong>
-    <ul>
-      <li>Updated to R 4.0.1.</li>
-      <li>Updated to RStudio Server 1.3.959.</li>
-      <li>Added multi-core and high memory instances.</li>
-      <li>Added quick instance for faster response. Larger instances may take longer to start.</li>
-    </ul>
-  </div>
diff --git a/submit.yml.erb b/submit.yml.erb
index e6fb9788d984cb205e07bf09a064107b19cc2f1c..eb7bbff41ebb3fdf55992f0fc13054a6e6cbbe22 100644
--- a/submit.yml.erb
+++ b/submit.yml.erb
@@ -27,6 +27,8 @@
 ---
 batch_connect:
   template: "basic"
+  conn_params:
+    -  csrf_token
 script:
   email: <%= ENV["USER"] %>@mcw.edu
   queue_name: "<%= queue %>"
diff --git a/template/before.sh.erb b/template/before.sh.erb
index 3be81ef78e6ff92676e1cd68ecbd26fd62ac4d27..d36470a23d186a17931da4e769489765b27237d1 100755
--- a/template/before.sh.erb
+++ b/template/before.sh.erb
@@ -7,3 +7,10 @@ port=$(find_port)
 # Define a password and export it for RStudio authentication
 password="$(create_passwd 16)"
 export RSTUDIO_PASSWORD="${password}"
+
+# Define CSRF_TOKEN and export it for auth
+<%-
+  require 'securerandom'
+  csrftoken=SecureRandom.uuid
+-%>
+export csrf_token="<%= csrftoken %>"
diff --git a/template/script.sh.erb b/template/script.sh.erb
index 70f7a618bf30d1857fb520b1b1493ead5250897e..97df2ea8cc561b5b1b96e2cfef41345bb387add4 100755
--- a/template/script.sh.erb
+++ b/template/script.sh.erb
@@ -33,6 +33,18 @@ EOL
 )
 chmod 700 "${RSESSION_WRAPPER_FILE}"
 
+# Generate a database.conf file
+export DBCONF="${PWD}/database.conf"
+(
+umask 077
+sed 's/^ \{2\}//' > "${DBCONF}" << EOL
+  # set database location
+  provider=sqlite
+  directory=/tmp/${USER}/${SLURM_JOB_ID}/rstudio-server/db
+EOL
+)
+chmod 700 "${DBCONF}"
+
 # Set working directory to home directory
 cd "${HOME}"
 
@@ -52,4 +64,5 @@ rserver \
   --auth-encrypt-password 0 \
   --rsession-path "${RSESSION_WRAPPER_FILE}" \
   --server-data-dir "${TMPDIR}" \
-  --secure-cookie-key-file "${TMPDIR}/rstudio-server/secure-cookie-key"
+  --secure-cookie-key-file "${TMPDIR}/rstudio-server/secure-cookie-key" \
+  --database-config-file "${DBCONF}"
diff --git a/view.html.erb b/view.html.erb
index cf8923fc004bb0228eb9d9cbc79f43cf7473f4cc..e4f6c3a5d4a5fe63b4208e1af4751393a2a246ee 100644
--- a/view.html.erb
+++ b/view.html.erb
@@ -1,8 +1,12 @@
+<script>
+  document.cookie = "csrf-token=<%= csrf_token %>; path=/rnode/<%= host %>/<%= port %>; secure";
+</script>
 <form action="/rnode/<%= host %>/<%= port %>/auth-do-sign-in" method="post" target="_blank">
   <input type="hidden" name="username" value="<%= ENV["USER"] %>">
   <input type="hidden" name="password" value="<%= password %>">
   <input type="hidden" name="staySignedIn" value="1">
   <input type="hidden" name="appUri" value="">
+  <input type="hidden" name="csrf-token" value="<%= csrf_token %>"/>
   <button class="btn btn-primary" type="submit">
     <i class="fa fa-registered"></i> Connect to RStudio Server
   </button>