GraphQLView fails when using session CSRF

[nealedj]

If settings.CSRF_USE_SESSIONS == True or using https://github.com/mozilla/django-session-csrf then Django rejects all AJAX POST requests made by the GraphQLView.

The GraphQLView reads the CSRF token from the cookie.

Perhaps it should be read from the DOM instead?

[dopeboy]

Because there's an attached PR here (thanks!), I'm going to close this one down.