Access-Control-Allow-Origin in Django app when accessed with Phonegap
Django by default does not provide the headers necessary to provide cross origin. The easiest way would be to just use this Django app that handles it for you: https://github.com/ottoyiu/django-cors-headers
You can then set whichever domains you want white listed using the settings
CORS_ORIGIN_WHITELIST = (
'google.com',
'hostname.example.com'
)
to support allowing all, just use the setting...
CORS_ALLOW_ALL_ORIGINS = True
and then do any filtering of the request in middleware or in the view.
For single views you can manually add headers:
@require_GET
def api_getto(request):
response = JsonResponse(
# your stuff here
)
response["Access-Control-Allow-Origin"] = "*"
response["Access-Control-Allow-Methods"] = "GET, OPTIONS"
response["Access-Control-Max-Age"] = "1000"
response["Access-Control-Allow-Headers"] = "X-Requested-With, Content-Type"
return response