CSRF: support older token-based CSRF protection handler that want to render token into template

[aldas]

I though I already merged this. I think #2876 got closed when I purged all old branches at my fork. I should not have deleted that branch as it was not merged yet

---

In case CSRF flow is using Sec-Fetch-Site header but there is form still wanting to render CSRF token fields into form we can help them by setting dummy value to context that atleast something can be rendered into form. As we already know that this browser is able to send Sec-Fetch-Site header, we do not need to generate token value or deal with cookies.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.92%. Comparing base (48f25a6) to head (09a691e).
⚠️ Report is 4 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #2894   +/-   ##
=======================================
  Coverage   92.92%   92.92%           
=======================================
  Files          43       43           
  Lines        4480     4481    +1     
=======================================
+ Hits         4163     4164    +1     
  Misses        197      197           
  Partials      120      120           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.