The value of the ‘Access-Control-Allow-Credentials’ header in the response is ‘’ which must be ‘true’ when the request’s credentials mode is ‘include’. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
linhnvhicts opened this issue · comments
Hi i installed the package and setup in installed_app
and middleware
(i put corsheaders.middleware.CorsMiddleware at the top too), i also set CORS_ORIGIN_ALLOW_ALL=True
like in the document
But when the frontend client(using ReactJS and axios) call django-rest-framework API it return the following error:
Access to XMLHttpRequest at ‘My API URL’ from origin ‘http://localhost:3000’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: The value of the ‘Access-Control-Allow-Credentials’ header in the response is ‘’ which must be ‘true’ when the request’s credentials mode is ‘include’. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
Does anyone know what i did wrong ?
Seems like it's frontend side fault, they have bad axios config related to the domain name :|