Django Rest Framework:XML​​HttpRequest无法加载http://127.0.0.1:8000/xyz/api/abc [英] Django Rest Framework: XMLHttpRequest cannot load http://127.0.0.1:8000/xyz/api/abc

问题描述

解决方案:在网址末尾添加斜杠...

SOLUTION: Add a trailing slash to the end of the url...

" http://127.0.0.1:8000/xyz/api/abc/"而不是" http://127.0.0.1:8000/xyz/api/abc"

....

我已经成功创建了Django Rest API，并且能够在本地存储和托管数据.我已经分别构建了一个angularjs1.0应用程序，并试图通过$ http get请求提取数据，但是我遇到了这个错误:

I have successfully created a Django Rest API and am able to store and host data locally it seems. I have built an angularjs1.0 app separately and am attempting to extract the data via $http get request however I'm running into this error:

XMLHttpRequest cannot load http://127.0.0.1:8000/xyz/api/abc. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://172.20.9.163:8080' is therefore not allowed access.

我试图安装CORS并将其添加到我的INSTALLED_APPS中，但似乎没有任何作用.

I have attempted to install CORS and have added it to my INSTALLED_APPS, yet nothing seems to be working yet.

这是获取请求:

getABC : function() {
            $http({
                method: 'GET',
                url: 'http://127.0.0.1:8000/xyz/api/abc',
                cache: false
            }).success(function(data) {
                console.log(data)
                callback(data);
            });
        },

下面是我的Django settings.py文件:

Here's a look at my Django settings.py file:

INSTALLED_APPS = (
    'xyz',
    'corsheaders',
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'rest_framework',
)

MIDDLEWARE_CLASSES = (
    'django.contrib.sessions.middleware.SessionMiddleware',
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',

)

CORS_ORIGIN_ALLOW_ALL = True

推荐答案

TL; DR

将您的AJAX请求发送到带有斜杠的URL.

Issue your AJAX request to a slash-appended URL.

说明

在我们讨论之后，罪魁祸首似乎是Django的自动APPEND_SLASH = True，当启用CommonMiddleware时启用.

After our discussion, it appears that the culprit is Django's automatic APPEND_SLASH = True which is enabled when CommonMiddleware is enabled.

这会导致来自Angular应用程序的AJAX请求首先命中301 Moved Permanently重定向到斜杠添加的URL.但是，corsheaders中间件不对此响应起作用，因此浏览器抱怨缺少Access-Control-Allow-Origin标头.

This causes the AJAX request from your Angular app to first hit a 301 Moved Permanently redirect to the slash-appended URL. However, the corsheaders middleware does not act on this response, so the browser complains about a missing Access-Control-Allow-Origin header.

可以通过直接请求带有斜杠的URL并完全绕过301重定向来解决此问题.

This is solved by requesting the slash-appended URL directly, and bypassing the 301 redirect altogether.

$http({
    method: 'GET',
    url: 'http://127.0.0.1:8000/xyz/api/abc/',  // trailing slash here
    cache: false
}).success(...);

这篇关于Django Rest Framework:XML​​HttpRequest无法加载http://127.0.0.1:8000/xyz/api/abc的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！