Hello I have a frontend application which was migrated to django and for csrf protection I am using the methodology of copying csrf token from cookies to header of my post request. Django keeps complaining about invalid csrf token despite that the request contais the csrf token from cookies.
In my settings.py I have explicitly specified:
CSRF_USE_SESSIONS = False
to make sure that cookie-based csrf is used according docs
and the request header that gets the cookie csrf is:
HTTP_X_CSRFTOKEN
The cookie is present and copied to the above header
