0👍
You don’t need to put access-control-allow-origin in your CORS_ALLOW_HEADERS.
The Django CORS will add automatically on requests based on your configurations.
Some tips you could try:
- Use
default_headersinstead of put all default headers (just to improve the code) - I already had problems with some basic headers that Chrome was sending and my app didn’t allow them, so I had to add
from corsheaders.defaults import default_headers
CORS_ALLOW_HEADERS = default_headers + (
'Cache-Control', 'If-Modified-Since',
)
- Try adding “trusted origins”
CSRF_TRUSTED_ORIGINS = (
'*.yourdomain.com',
)
0👍
Check out this lib. https://pypi.org/project/django-cors-headers. It helped me to solve the same problem with React.
- [Django]-How do I programmatically create a user with django_social_auth?
- [Django]-Why isn't web2py more readily adopted?
- [Django]-A better django datetime filter at the admin panel
- [Django]-Django Templates – how do I output the relative path of file when using a FilePathField recursively
- [Django]-ElasticSearch term suggest on analyzed field returns no suggestions
Source:stackexchange.com