【发布时间】:2020-04-14 20:40:32
【问题描述】:
我有一个 Django(v2.2) 项目托管在一个 url 上,看起来像
https://some.example.com/mypath/ 的 API 端点位于 blog/create。
我需要从https://some.example.com/anotherpath/ofmine/(使用 axios)发出 POST 请求,但这给了我一个 301 错误,并在 Firefox 71.0 中显示以下消息:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://some.example.com/mypath/blog/create/. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://some.example.com/mypath/blog/create/. (Reason: CORS request did not succeed).
但是,我可以轻松地向本地托管的开发服务器发出相同的请求。
相关设置:
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'rest_framework_docs',
'corsheaders',
'django_extensions',
...
]
USE_X_FORWARDED_HOST = True
FORCE_SCRIPT_NAME = '/mypath'
CORS_ORIGIN_ALLOW_ALL = True
错误的原因和可能的解决方法是什么?
【问题讨论】:
标签: python django django-rest-framework django-cors-headers