Many thanks, Tom - you are, of course, quite right.

Adding session auth had triggered another subtle bug in some of my 
middleware, which meant that the CSRF wasn't getting through.

But it was very useful to be told that it *should* be working!  All happy 
now.

Ta lots,
Quentin

-- 
You received this message because you are subscribed to the Google Groups 
"Django REST framework" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to