我正在使用一个简单的Django中间件来设置访问控制标头。
class CorsMoiddleware: def __init__(self, get_response): self.get_response = get_response def __call__(self, request): response = self.get_response(request) response["Access-Control-Allow-Origin"] = "*" response["Access-Control-Allow-Credentials"] = True response["Access-Control-Allow-Methods"] = "GET" response["Access-Control-Max-Age"] = "3600" response["Access-Control-Allow-Headers"] = "Content-Type, Accept, X-Requested-With, remember-me" return response使用卷曲我可以清楚地看到正确的标题。
< HTTP/1.1 200 OK < Date: Thu, 24 Oct 2019 09:40:35 GMT < Server: WSGIServer/0.2 CPython/3.7.4 < Content-Type: application/json < Vary: Accept, Cookie < Allow: GET, POST, HEAD, OPTIONS < Access-Control-Allow-Origin: * < X-Frame-Options: SAMEORIGIN < Content-Length: 176 < Access-Control-Allow-Credentials: True < Access-Control-Allow-Methods: GET < Access-Control-Max-Age: 3600 < Access-Control-Allow-Headers: Content-Type, Accept, X-Requested-With, remember-me ...但是,如果我尝试从JavaScript
fetch中获取URL,则会在控制台中看到以下错误。
Access to fetch at 'http://localhost:8000/api/v1/todo' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
我正在使用一个简单的Django中间件来设置访问控制标头。 class CorsMoiddleware:def __init __(self,get_response):self.get_response = get_response def __call __(self,...
尝试使用:
在fetch ed的URL中添加斜杠可以解决问题。