Blocked by CORS policy despite using django-cors-headers package
namratasp20 opened this issue · comments
Hi Team,
I am learning django and have come across this issue.
Error in browser console :
Access to XMLHttpRequest at 'http://pallab.cds.iisc.ac.in/INTERPIN/Ecoli/ex_hp.bed' from origin 'http://localhost:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I have installed django-cors-headers and updated my code to include following:
- 'corsheaders' under INSTALLED_APPS,
- 'corsheaders.middleware.CorsMiddleware', at the top of MIDDLEWARE
- CORS_ALLOW_ALL_ORIGINS = False
CORS_ORIGIN_WHITELIST = ['http://localhost:8000']
Could you help me understand, why CORS policy error is appearing even after updating code for django-cors-headers ?
Am I missing out on something in the code ? OR the issue is out of scope of the code itself
The headers need to be added on the server serving http://pallab.cds.iisc.ac.in/INTERPIN/Ecoli/ex_hp.bed, not your Django app which is presumably the thing running on localhost:8000.
Sorry to reopen this issue.
I missed out to mention earlier ...that files with extension (.fasta) from the sever are accessible. However any other files (.bed, .gff) aren't accessible.
So I am bit confused as to why some files are accessible and some are not .. given headers are absent
That may be a separate browser measure called CORB. Check the error console on your browser. Django-cors-headers is almost certainly not the solution.