Trying to create a POST request by providing the csrftoken in the headers to the server (as X-CSRFToken: _csrf_token_value).
However, the CsrfViewMiddleware rejects the request and returns
Forbidden (CSRF token missing or incorrect.)
The request fails both for an AJAX request from the client and from POSTMAN.
Using Django 3.0.x for this project.
EDIT - getting the csrftoken from _get_new_csrf_token(), which is sent in the headers for the next request.
UPDATE - further into debugging, found out that the csrftoken set in the headers is compared with CSRF_COOKIE under request.META, and certainly both are different, but I can't understand what sets the cookie in META.
The cookie in META is the same as the default cookies sent by POSTMAN under Header (default Cookies).
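
Added example, not part of the original post and not Django's own code: a standalone re-implementation of the salted-token comparison in Django 3.0's CSRF middleware, showing why a header value taken from _get_new_csrf_token() cannot match the CSRF_COOKIE value, while a re-masked copy of the cookie's own secret does. The function names, check_post() and the sample tokens are constructed for illustration, and default cookie-based storage (CSRF_USE_SESSIONS off, cookie name csrftoken) is assumed.

```python
import hmac
import secrets
import string

SECRET_LEN = 32  # a token is 64 chars: 32-char salt + 32-char masked secret
CHARS = string.ascii_letters + string.digits

def new_secret():
    return "".join(secrets.choice(CHARS) for _ in range(SECRET_LEN))

def mask(secret):
    """Return salt + secret shifted by that salt (changes on every call)."""
    salt = new_secret()
    return salt + "".join(
        CHARS[(CHARS.index(s) + CHARS.index(k)) % len(CHARS)]
        for s, k in zip(secret, salt)
    )

def unmask(token):
    """Recover the 32-char secret from a 64-char masked token."""
    salt, cipher = token[:SECRET_LEN], token[SECRET_LEN:]
    return "".join(
        CHARS[(CHARS.index(c) - CHARS.index(k)) % len(CHARS)]
        for c, k in zip(cipher, salt)
    )

def check_post(cookies, headers):
    """Hypothetical stand-in for the middleware's decision on a POST."""
    cookie_token = cookies.get("csrftoken")  # the value placed in request.META["CSRF_COOKIE"]
    header_token = headers.get("X-CSRFToken", "")
    if cookie_token is None:
        return "CSRF cookie not set."
    if len(header_token) != 2 * SECRET_LEN or set(header_token) - set(CHARS):
        return "CSRF token missing or incorrect."  # malformed header value
    # Secrets are compared after unmasking, never the raw 64-char strings.
    if not hmac.compare_digest(unmask(header_token), unmask(cookie_token)):
        return "CSRF token missing or incorrect."
    return "ok"

# Constructed sample values, not captured from a real session.
COOKIE = mask(new_secret())      # what the client sends in its Cookie header
FRESH = mask(new_secret())       # analogue of _get_new_csrf_token(): brand-new secret
REMASKED = mask(unmask(COOKIE))  # analogue of get_token(request): same secret, new salt

if __name__ == "__main__":
    print(check_post({"csrftoken": COOKIE}, {"X-CSRFToken": FRESH}))
    print(check_post({"csrftoken": COOKIE}, {"X-CSRFToken": REMASKED}))
    print(check_post({"csrftoken": COOKIE}, {"X-CSRFToken": COOKIE}))
```

The header value only passes when it carries the same secret as the csrftoken cookie that arrives with the request, so the two strings may differ character for character and still match.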