Forum Replies Created

Viewing 2 replies - 1 through 2 (of 2 total)
  • @takayukister thanks for this great plugin, sorry for not mentioning it earlier!
    As the contact forms work with deactivated JavaScript, what do you think about an additional attribute on the [contact-form-7 rest_api=false] shortcode to deactivate the JS call?

    Until there is a proper solution for users with a deactivated REST API for anonymous users, I adjusted my security check to:

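    public function restApiForLoggedInUsersOnly($access)
    {
        // Logged-in users keep whatever result earlier filters produced.
        if (is_user_logged_in()) {
            return $access;
        }

        // get_rest_url() returns an absolute URL while REQUEST_URI holds only the
        // path and query, so compare the path components, anchored at the start.
        $cf7Path = wp_parse_url(get_rest_url(null, 'contact-form-7'), PHP_URL_PATH);
        $requestPath = wp_parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
        if (is_string($cf7Path) && is_string($requestPath) && stripos($requestPath, $cf7Path) === 0) {
            return $access;
        }

        // Every other anonymous REST request is refused.
        return new \WP_Error(
            'rest_cannot_access',
            __('Only authenticated users can access the REST API.', 'disable-json-api'),
            array(
                'status' => rest_authorization_required_code()
            )
        );
    }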

    I know it's not a beauty … but my contact forms work again.

    Same problem here after upgrading to latest WordPress and CF. JS console states:
    jquery.js?ver=1.12.4:4 POST https://www.foo.bar/wp-json/contact-form-7/v1/contact-forms/173/feedback 401 (Unauthorized)

    That is for me due to an officially supported filter, which I added for security reasons (you might remember the dramatic REST security issues last year):
    add_filter('rest_authentication_errors', array($this, 'restApiForLoggedInUsersOnly'));

        public function restApiForLoggedInUsersOnly($access)
        {
            if (!is_user_logged_in()) {
                return new \WP_Error(
                    'rest_cannot_access',
                    __('Only authenticated users can access the REST API.', 'disable-json-api'),
                    array(
                        'status' => rest_authorization_required_code()
                    )
                );
            }
    
            return $access;
        }

    So you are relying on an API endpoint which might not be available.

    Can we have an option to manually deactivate JavaScript on a form?
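
The allowlist decision from the workaround in the first reply, isolated as plain PHP so it can be run without WordPress. This is an added example, not code from the post or from Contact Form 7; `isAllowlistedRestPath()` and the sample URIs are hypothetical, and it assumes pretty permalinks with REST routes under `/wp-json`. It prints the anchored result next to a plain substring test to show where the two differ.

```php
<?php
// Added example: hypothetical helper, not WordPress or Contact Form 7 code.
// Assumes pretty permalinks, so REST routes live under a path prefix
// such as /wp-json (requests using ?rest_route= are out of scope here).

function isAllowlistedRestPath(string $requestUri, string $restPrefix, array $namespaces): bool
{
    // Look at the path only: the query string is free text chosen by the client.
    $path = parse_url($requestUri, PHP_URL_PATH);
    if (!is_string($path)) {
        return false;
    }
    $path = rawurldecode($path);

    // Refuse dot segments, doubled slashes and backslashes rather than normalising.
    if (preg_match('#(^|/)\.\.?(/|$)|//|\\\\#', $path)) {
        return false;
    }

    $prefix = '/' . trim($restPrefix, '/') . '/';
    foreach ($namespaces as $namespace) {
        $allowed = $prefix . trim($namespace, '/') . '/';
        // Anchored and segment-aligned; case-insensitive like stripos() in the post.
        if (strncasecmp($path . '/', $allowed, strlen($allowed)) === 0) {
            return true;
        }
    }
    return false;
}

// Constructed sample requests, not taken from any real log.
$samples = [
    '/wp-json/contact-form-7/v1/contact-forms/173/feedback',
    '/wp-json/wp/v2/users',
    '/wp-json/wp/v2/users?ref=/wp-json/contact-form-7',
    '/wp-json/contact-form-7-extra/v1/items',
    '/wp-json/contact-form-7/../wp/v2/users',
];
foreach ($samples as $uri) {
    $anchored = isAllowlistedRestPath($uri, 'wp-json', ['contact-form-7']);
    $substring = stripos($uri, '/wp-json/contact-form-7') !== false;
    printf("%-56s anchored=%-5s substring=%s\n", $uri, var_export($anchored, true), var_export($substring, true));
}
```

Inside a `rest_authentication_errors` callback, `rest_get_url_prefix()` supplies the prefix and `$_SERVER['REQUEST_URI']` the request URI.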
