即使安装了CORS中间件并启用了Cross Origin Requests也是如此。我无法使用Javascript发布帖子请求。
const csrf = Cookies.get('csrftoken');
return {
'X-CSRFToken' : csrf,
'Access-Control-Allow-Origin':"*"
"Access-Control-Allow-Headers":"Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers"};
还有Django app
CORS_ORIGIN_ALLOW_ALL = True
CORS_ORIGIN_WHITELIST = (
'127.0.0.1',
)
CORS_ALLOW_HEADERS = (
'x-requested-with',
'content-type',
'accept',
'origin',
'authorization',
'x-csrftoken',
'x-api-key'
)
并且在添加CORS中间件之后,
MIDDLEWARE_CLASSES = ('corsheaders.middleware.CorsMiddleware')
答案 0 :(得分:0)
也许你需要设置Access-Control-Request-Methods。 像这样的东西
"Access-Control-Request-Methods": "OPTIONS, HEAD, GET, POST"