CSRF (Cross-Site Request Forgery)
Domain (Same-Origin Policy)
settings.py
MIDDLEWARE = [
    # ... other middleware ...
    'django.middleware.csrf.CsrfViewMiddleware',  # validates the CSRF token on unsafe requests
    # ... other middleware ...
]
The client receives a CSRF token in a cookie (named csrftoken by default) set by the HTTP response.
On later requests, send the value of that CSRF token in the 'X-CSRFToken' request header.
This prevents the API from rejecting the request with a 403 Forbidden error.
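
The client side of the steps above, as an added example that is not part of the original notes: it reads the csrftoken cookie and attaches X-CSRFToken only to unsafe, same-origin requests, so the token is never sent to another site. The function names, the sample cookie string and the app.example.test origin are constructed for illustration; it assumes Django's defaults, where the cookie is readable from JavaScript (CSRF_COOKIE_HTTPONLY and CSRF_USE_SESSIONS both False).

```javascript
// Added example: every name except 'csrftoken' and 'X-CSRFToken' is hypothetical.
// Methods that Django's CSRF middleware does not check.
const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS', 'TRACE']);

// Extract one cookie value from a cookie string such as document.cookie.
function getCookie(cookieString, name) {
  for (const part of (cookieString || '').split(';')) {
    const trimmed = part.trim();
    const eq = trimmed.indexOf('=');
    if (eq === -1) continue;
    if (trimmed.slice(0, eq) === name) {
      return decodeURIComponent(trimmed.slice(eq + 1));
    }
  }
  return null;
}

// True when `url` (absolute or relative) resolves to the page's own origin.
function isSameOrigin(url, pageOrigin) {
  try {
    return new URL(url, pageOrigin).origin === new URL(pageOrigin).origin;
  } catch (e) {
    return false; // unparsable URL: treat as cross-origin
  }
}

// Build the extra headers for one request. The token is attached only to
// unsafe methods sent to our own origin.
function buildCsrfHeaders({ method, url, pageOrigin, cookieString }) {
  const headers = {};
  const verb = (method || 'GET').toUpperCase();
  if (SAFE_METHODS.has(verb) || !isSameOrigin(url, pageOrigin)) {
    return headers;
  }
  const token = getCookie(cookieString, 'csrftoken');
  if (token === null) {
    throw new Error('csrftoken cookie missing: load a page that sets it first');
  }
  headers['X-CSRFToken'] = token;
  return headers;
}

// Constructed sample values (in a browser: document.cookie and location.origin).
const sampleCookies = 'sessionid=abc123; csrftoken=Zm9vYmFyQ1NSRnRva2Vu';
const sampleOrigin = 'https://app.example.test';
console.log(buildCsrfHeaders({ method: 'POST', url: '/api/items/',
  pageOrigin: sampleOrigin, cookieString: sampleCookies }));
```

In a browser, pass the returned object as the headers option of fetch() together with credentials: 'same-origin' so the cookie travels with the request.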