django cors Access-Control-Allow-Headers code example
Example 1: install crossheaders in django
pip install django-cors-headers
#Add corsheaders to installed applications in settings.py:
INSTALLED_APPS = [
...
'corsheaders',
]
#Add corsheaders.middleware.CorsMiddleware to middleware section in settings.py:
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
...
]
#Allow access to all domains by setting the following variable to TRUE in settings.py:
DEBUG = True
ALLOWED_HOSTS = []
CORS_ORIGIN_ALLOW_ALL = True
Example 2: Access-Control-Allow-Origin django
CORS_ORIGIN_WHITELIST = (
'google.com',
'hostname.example.com'
)