django-cors-headers is not working
GAGANsinghmsitece opened this issue · comments
GaganSingh commented
I'm using django-cors-headers
in order to work it with react js.
Here's my settings.py
:-
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django_cleanup.apps.CleanupConfig',
'myapp',
'corsheaders'
]
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
CORS_ALLOWED_ORIGINS = [
"http://127.0.0.1:3000"
]
I'm running my react app at http://127.0.0.1:3000
but I'm still getting
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://127.0.0.1:8000/api/categories. (Reason: CORS header 'Access-Control-Allow-Origin' missing).
What could be the reason for the error?
Adam Johnson commented
Use the network inspector to check the response headers. Or use curl
and set the Origin
header appropriately. Read the linked articles.
PraneethG commented
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:7000/api/jwt/create/. (Reason: expected ‘true’ in CORS header ‘Access-Control-Allow-Credentials’).