基本上是这个问题:cross origin access issues - django 2.1.7
但是仍然没有正确回答。这仍然是JS吗?还是我们错过了什么?
原始问题:
我几乎遍历了所有SO链接,重新安装了django和django-cors-headers,然后按照this到T,但是我们得到了
不允许飞行前错误穿越原点
Django版本2.1.7
settings.py的相关部分
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'corsheaders',
'uploads.core',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
'corsheaders.middleware.CorsPostCsrfMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
CORS_ORIGIN_ALLOW_ALL = True
即使顶部是corsheader中间装,也会出现相同的错误代码。
[Error] Cross-origin redirection to https://a.tile.openstreetmap.org/14/4684/6268.png denied by Cross-Origin Resource Sharing policy: Origin http://localhost:8000 is not allowed by Access-Control-Allow-Origin.
[Error] Cannot load image http://a.tile.openstreetmap.org/14/4684/6268.png due to access control checks.
似乎唯一的方法就是简单地禁用跨域安全性。您可以在Google上查找;但是,我不确定您是否仍需要CORS中间件进行生产(即托管,部署,通过url提供)。