I could use some help complying with Django's CSRF protection mechanism via my AJAX post. I've followed the directions here:
http://docs.djangoproject.com/en/dev/r
Related to the chosen Answer, just want to add on to the chosen Answer.
In that answer, regarding the solution with .ajaxSetup(...). In your Django settings.py, if you have
CSRF_USE_SESSIONS = True
It would cause the chosen Answer to not work at all. Deleting that line, or setting it to False worked for me while implementing the chosen Answer's solution.
Interestingly, if you set the following in your Django settings.py
CSRF_COOKIE_HTTPONLY = True
This variable will not cause the chosen Answer's solution to stop functioning.
Both CSRF_USE_SESSIONS and CSRF_COOKIE_HTTPONLY come from this official Django doc: https://docs.djangoproject.com/en/2.2/ref/csrf/
(I do not have enough rep to comment, so I am posting my input as an Answer)
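An added example, not code from the question, the chosen Answer or this answer: one way to obtain the token that keeps working when CSRF_USE_SESSIONS = True, by reading the csrftoken cookie when script can see it and otherwise falling back to the hidden csrfmiddlewaretoken field that {% csrf_token %} renders into the page. The helper names (readCookie, getCsrfToken, csrfHeadersFor) are hypothetical, and Django's default cookie, field and header names are assumed.

```javascript
// Added example. Assumes Django defaults: cookie "csrftoken",
// header "X-CSRFToken", hidden field "csrfmiddlewaretoken".

// Return the decoded value of one cookie from a document.cookie string.
function readCookie(cookieString, name) {
  for (const part of (cookieString || "").split(";")) {
    const [key, ...rest] = part.trim().split("=");
    if (key === name) return decodeURIComponent(rest.join("="));
  }
  return null;
}

// doc is the browser's document (or any object with the same two members).
function getCsrfToken(doc) {
  const fromCookie = readCookie(doc.cookie, "csrftoken");
  if (fromCookie) return fromCookie;
  // No CSRF cookie visible to script (e.g. CSRF_USE_SESSIONS = True):
  // use the token the template rendered into the page instead.
  const field = doc.querySelector("[name=csrfmiddlewaretoken]");
  return field ? field.value : null;
}

const SAFE_METHODS = /^(GET|HEAD|OPTIONS|TRACE)$/i;

// Headers to add to one request. The token is attached only to
// state-changing, same-origin requests so it is never sent to another site.
function csrfHeadersFor(method, url, pageOrigin, doc) {
  if (SAFE_METHODS.test(method)) return {};
  if (new URL(url, pageOrigin).origin !== pageOrigin) return {};
  const token = getCsrfToken(doc);
  return token ? { "X-CSRFToken": token } : {};
}

// In a page (the "/vote/" URL is a placeholder):
//   fetch("/vote/", {
//     method: "POST",
//     credentials: "same-origin",
//     headers: csrfHeadersFor("POST", "/vote/", location.origin, document),
//   });
```

The fallback only finds a token if the template that served the page includes {% csrf_token %}.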