Chrome on Android isn't letting some people login to our app. There's the bug in chrome on Android that I'm trying to work around. The workaround, however, requires whitelisting "file://" in CORS.

Tried adding 'file://' as whitelisted origin, but it gives me the error:

(corsheaders.E013) Origin 'file://' in CORS_ORIGIN_WHITELIST is missing  scheme or netloc
	HINT: Add a scheme (e.g. https://) or netloc (e.g. example.com).

I tried adding "file://* and django starts up, but the CORS preflight result doesn't include the needed Access-Control-Allow-Origin line (which it does successful for null).

Any ideas how to get this to work?

Actually, figured out how to do it: CORS_ORIGIN_REGEX_WHITELIST = r"^file://$"

Reopening it because the library shouldn't force you to create two problems with a regex!

Awesome, thanks!!!