Use POST method instead of GET to perform logout in browsable API by realsuayip · Pull Request #9208 · encode/django-rest-framework (original) (raw)

It appears that using POST for logout has been available from the start (for the view we are using at least). So as long as we get the form action and CSRF right, it should be fine.

I added a test that specifically checks for the form declaration. If you had something other in your mind, let me know.