0👍
by default django dose not allow Access-Control-Allow-Origin for all domains you should add a MIDDLEWARE_CLASSES to do this .
class AccessControl(object):
def process_request(self, request):
if 'HTTP_ACCESS_CONTROL_REQUEST_METHOD' in request.META:
response = http.HttpResponse()
response["Access-Control-Allow-Origin"]= "*"
response["Access-Control-Allow-Credentials"] = "true"
response["Access-Control-Allow-Methods"]= "GET,HEAD,OPTIONS,POST,PUT"
response["Access-Control-Allow-Headers"] = "Authentication , Authorization , X-CSRF-Token , Access-Control-Allow-Credentials , Access-Control-Allow-Methods , Access-Control-Allow-Origin , Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers"
return response
return None
then in setting.py
MIDDLEWARE_CLASSES = [
...
'app.filename.AccessControl',
]
this will allow requests from all domains
Source:stackexchange.com