Menu
django-cors-headers not work
INSTALLED_APPS = ( 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'django.contrib.gis', 'corsheaders', 'rest_framework', 'world', 'userManager', 'markPost', 'BasicServices', ) MIDDLEWARE_CLASSES = ( 'django.contrib.sessions.middleware.SessionMiddleware', 'corsheaders.middleware.CorsMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', ) CORS_ORIGIN_ALLOW_ALL = True CORS_ALLOW_CREDENTIALS = True Everything is normal, but did not work
here my response headers
Cache-Control: max-age=0 Content-Type: text/html; charset=utf-8 Date: Tue, 20 Jan 2015 13:16:17 GMT Expires: Tue, 20 Jan 2015 13:16:17 GMT Last-Modified: Tue, 20 Jan 2015 13:16:17 GMT Server: WSGIServer/0.1 Python/2.7.8 Set-Cookie: csrftoken=snXksqpljbCLW0eZ0EElFxKbiUkYIvK0; expires=Tue, 19-Jan-2016 13:16:17 GMT; Max-Age=31449600; Path=/ Vary: Cookie X-Frame-Options: SAMEORIGIN 
752
django-cors-headers is a Django application for handling the server headers required for Cross-Origin Resource Sharing (CORS).
For enable CORS open medium/settings.py file and type the following lines of code: We will use test-cors.org for testing CORS request again. Enter your api url in “Remote URL” and submit request.
I was having this same issue and everything seemed to be in the right place. Then I figured out that I had started the server before adding 'corsheaders.middleware.CorsMiddleware', to the MIDDLEWARE_CLASSES. After making the correction, it was still not working. After trying a bunch of stuff, I opened it in another browser and it worked. So it turned out that I just needed to clear the browser cache.
38
According to the process_response code from CorsMiddleware:
response[ACCESS_CONTROL_ALLOW_ORIGIN] = "*" if ( settings.CORS_ORIGIN_ALLOW_ALL and not settings.CORS_ALLOW_CREDENTIALS) else origin You must set settings like this:
# CORS Config CORS_ORIGIN_ALLOW_ALL = True CORS_ALLOW_CREDENTIALS = False If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
