Prevent CORS requests in some views
bitcity opened this issue · comments
bitcity commented
There's CORS_URLS_REGEX
to whitelist those URLs where CORS is required. Is the reverse possible i.e. can we blacklist some views / URLs where CORS should not work e.g. login. Can I prevent CORS at view level by adding/modifying a header in the view ?
Adam Johnson commented
You can use a negative lookahead in your regex to match all URL's except a certain pattern...
https://stackoverflow.com/questions/1687620/regex-match-everything-but-specific-pattern
In [3]: re.match(r'^(?!/api/).*$', '/api/1')
In [4]: re.match(r'^(?!/api/).*$', '/docs/1')
Out[4]: <re.Match object; span=(0, 7), match='/docs/1'>
Enjoy!