--
You received this message because you are subscribed to the Google Groups "django-rest-framework" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-rest-fram...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
To unsubscribe from this group and stop receiving emails from it, send an email to django-rest-framework+unsub...@googlegroups.com.
Thanks for the reply back with a detailed breakdown of each item you had concerns about. I think the biggest difference is that first point you mentioned - normal django apps throw a 403 without a valid csrf token in the header or form data when you do an HTTP Post (even if you are anonymous / not logged in)
Thanks again to Tom for letting me throw down in such a public way and getting back with such detail. One last item that would help me close this issue down - Tom can you make that github repo public and link to it here so if others have concerns they have an example to see it in action?