Perhaps it is a bit early for this but Is there anywhere origin is checked against ALLOWED_HOSTS ?
Middleware support would be nice to but I guess you'll come to that when implementing user authentication. Keep up the great work ! -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at https://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CALC3KacL7H3A-pW-zLQyDhx2c5ev3dd6syXHjqaV2F%2BigHXMdQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.