其他分享
首页 > 其他分享> > Django设置跨域访问

Django设置跨域访问

作者:互联网

Django设置跨域访问

(1) 安装DjangoCors Headers

pip install django-cors-headers

(2) settings.py 配置如下

INSTALLED_APPS = [
    # 'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    # 'django.contrib.messages',
    # 'django.contrib.staticfiles',
    # 添加应用index
    'index',
    # 添drf
    'rest_framework',
    # 添加DjangoCors Headers
    'corsheaders',
]

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    # 跨域访问
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    # 'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

# 设置跨域设置

CORS_ALLOW_CREDENTIALS = True # 设置HTTP请求是否允许携带cookies信息,默认值为False
CORS_ORIGIN_ALLOW_ALL = True # 默认值为False,只允许CORS_ORIGIN_WHITELIST设置的域名列表发送HTTP请求,若为True,则允许所有域名发送HTTP请求。
CORS_ORIGIN_WHITELIST = () # 默认值为空列表,设置允许发送HTTP请求的域名,即部署前端项目的的服务器IP地址或域名

# 设置允许的HTTP请求方式,如GET,POST
CORS_ALLOW_METHODS = (
    'DELETE',
    'GET',
    'OPTIONS',
    'PATCH',
    'POST',
    'PUT',
    'VIEW',
)

# 设置非标准的HTTP请求头
CORS_ALLOW_HEADERS = (
    'XMLHttpRequest',
    'X_FILENAME',
    'accept-encoding',
    'authorization',
    'content-type',
    'dnt',
    'origin',
    'user-agent',
    'x-csrftoken',
    'x-requested-with',
)

标签:HTTP,跨域,middleware,django,访问,设置,CORS,contrib,Django
来源: https://www.cnblogs.com/minqiliang/p/16586170.html