参考
https://pypi.org/project/django-cors-headers/
在setting.py中设置
python
INSTALLED_APPS = [
......
'corsheaders', #添加此行
]
MIDDLEWARE=[
......
'corsheaders.middleware.CorsMiddleware', #添加此行
'django.middleware.common.CommonMiddleware',
#'django.middleware.csrf.CsrfViewMiddleware',#注释此行
......
]
#添加配置此白名单
#CORS_ALLOW_ALL_ORIGINS =TRUE
CORS_ALLOWED_ORIGINS = [
"https://example.com",
"https://sub.example.com",
"http://localhost:8080",
"http://127.0.0.1:9000",
]
CORS_ALLOW_METHODS = (
"DELETE",
"GET",
"OPTIONS",
"PATCH",
"POST",
"PUT",
)
CORS_ALLOW_HEADERS = (
"accept",
"authorization",
"content-type",
"user-agent",
"x-csrftoken",
"x-requested-with",
)