如何解决我的Django API的CORS问题? [英] How to solve CORS problem of my Django API?
问题描述
我无法在Django API中解决CORS问题。调用此API时,出现错误:
I cannot solve CORS problem in my Django API. When I make a call to this API, I get error:
在' http:// localhost:8000 / '起源
' http:/ / localhost 已被CORS策略阻止:对
预检请求的响应未通过访问控制检查:在请求的请求中不存在
'Access-Control-Allow-Origin'标头
资源。如果不透明的响应满足您的需求,请将请求的
模式设置为 no-cors,以在禁用CORS的情况下获取资源。
Access to fetch at 'http://localhost:8000/' from origin 'http://localhost' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
要启用CORS,我做了 pip安装django-cors-headers
并将以下代码添加到 settings.py
:
To enable CORS, I did pip install django-cors-headers
and added the following code to settings.py
:
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'corsheaders',
]
MIDDLEWARE_CLASSES = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
CORS_ORIGIN_WHITELIST = [
'localhost:80',
'localhost:8000',
'127.0.0.1:8000'
]
我应该说我在Docker上运行我的项目。这是 docker-compose.yml
:
I should say that I run my project on Docker. This is docker-compose.yml
:
version: '2'
services:
django-docker:
build:
context: .
dockerfile: Dockerfile.django
container_name: my.django
image: my-django
ports:
- 8000:8000
webapp-docker:
build:
context: .
dockerfile: Dockerfile.webapp
container_name: my.webapp
image: my-web
ports:
- 80:80
推荐答案
您需要添加 corsheaders.middleware.CorsMiddleware
中间件到 settings.py
中的中间件类:
You need to add corsheaders.middleware.CorsMiddleware
middleware to the middleware classes in settings.py
:
MIDDLEWARE_CLASSES = (
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.BrokenLinkEmailsMiddleware',
'django.middleware.common.CommonMiddleware',
#...
)
您有重复的 django.middleware.common.CommonMiddleware
You have duplicate django.middleware.common.CommonMiddleware
in your middleware classes.
然后,您可以通过添加以下设置为所有域启用CORS:
You can then, either enable CORS for all domains by adding the following setting:
CORS_ORIGIN_ALLOW_ALL = True
或仅为指定的域启用CORS:
Or Only enable CORS for specified domains:
CORS_ORIGIN_ALLOW_ALL = False
CORS_ORIGIN_WHITELIST = (
'http://localhost:8000',
)
这篇关于如何解决我的Django API的CORS问题?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!