re: Django Rest Framework custom JWT authentication VIEW POST


I have a question to ask.
If I put JWT in cookie from server to client, and the client takes JWT from cookie to headers for every request, do I need CSRF token additionally?


the client can't read the httponly cookie, only the server can read it

Code of Conduct Report abuse