Yep, works like a charm, thank you! And two consecutive ifs to strip two cookies works as well:
set $stripped_cookie $http_cookie;
if ($http_cookie ~ "(.*)(?:^|;)\s*sessionid=[^;]+(.*)$") {
set $stripped_cookie $1$2;
}
if ($stripped_cookie ~ "(.*)(?:^|;)\s*csrftoken=[^;]+(.*)$") {
set $stripped_cookie $1$2;
}