Question. set_cookie doesnt work

I tried to find a solution to my problem for 4 days, but it didn’t work
Problem: when I set the set_cookie, the file does not appear in my browser cookies (I assume there is a problem with setting up the CSRF token), but I seem to have already tried everything they wrote (disable the CSRF check, change the suggested settings in the settings)
My view code:

from django.shortcuts import render
from django.http import HttpResponse
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.csrf import csrf_protect


@csrf_protect
def update(request):
    if request.method == "POST":
        response=HttpResponse()
        response.set_cookie("any_name", "any_data", max_age=6900)
        return response 

My settings code (I tried what was commented out):

CSRF_COOKIE_SECURE = True
CSRF_COOKIE_HTTPONLY = True
CSRF_COOKIE_SAMESITE = 'Strict'
# CSRF_TRUSTED_ORIGINS = ['http://localhost:8501',
#                         'http://127.0.0.1:8000',
#                         'https://localhost:8501',
#                         'https://127.0.0.1:8000',
#                         'https://*.localhost:8501',
#                         'https://*.127.0.0.1:8000',
#                         ]

# CORS_ALLOW_CREDENTIALS = True

# CORS_ALLOWED_ORIGINS = [
#                         'http://127.0.0.1:8000',
#                         'https://localhost:8501',
#                         'https://127.0.0.1:8000',
#                         'https://*.localhost:8501',
#                         'https://*.127.0.0.1:8000',
# ]
MIDDLEWARE = [
    "django.middleware.csrf.CsrfViewMiddleware",
    # 'WebTableEditor.utils.DisableCSRF',
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "corsheaders.middleware.CorsMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
]

url(maybe needed):

urlpatterns = [
    path("admin/", admin.site.urls),
    path('api/', include('WebTableEditor.api.urls')),
    path('update/', update),
    path('streamlit/', TemplateView.as_view(template_name='streamlit.html')),
]

It turned out the problem was with {% csrf_token %} in HTML
Since I display the front-end through an iframe, I need to somehow make the form automatically submit (I implemented this through the JS)