Menu
I develop and deployed django rest api on heroku. then iam trying to fetch api in vue cli but it won't work. It says CORS error.this time my mind has some questions
323
asked Mar 25 '26 13:03
CORS and JWT are complete different things.
JWT stands for JSON Web Tokens and is a token based authentication defined by RFC 7519. So a JWT token is used to allow access (login) to web resources. You can also add information to the token (like username), which can be read openly if unencrypted. But JWT has a signing method, so one can verify the token is valid. There's different crypto algorithms that can be used like e.g. RSA. You have the choice between asymmetrical signature (e.g. RSA) or symmetrical signing (e.g. HS256).
You can find information about JWT at jwt.io
CORS stands for Cross-Origin Resource Sharing and defines how the browser is allowed to ask requests across resources or to say it in other words: HTTP access to other domains.
In my opinion mozilla did a good job in covering CORS pretty well: https://developer.mozilla.org/de/docs/Web/HTTP/CORS
To your specific problem: You are trying to access a resource (http link) that doesn't belong to the same domain and thus your browser is not allowing to open it for security reasons.
allow-origin is a HTTP header and is set at the webframework your using. As Django doesn't come with CORS out of the box you will need some addition like https://github.com/ottoyiu/django-cors-headers
Once installed you can enable CORS
CORS_ORIGIN_ALLOW_ALL = True
and enable the cross domain requests you'd like to call:
CORS_ORIGIN_WHITELIST = (
'host1.example.com',
'host2.example.com',
'host3.foobar.info'
)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
