【问题标题】:'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource“http://localhost:3000”已被 CORS 策略阻止:请求的资源上不存在“Access-Control-Allow-Origin”标头
【发布时间】:2021-02-20 22:50:50
【问题描述】:

我正在使用 Django 和 React 使用 Rest Framework 进行项目。我在 settings.py 中设置了CORS_ALLOW_ALL_ORIGINS=True 仍然收到错误Access to XMLHttpRequest at 'http://127.0.0.1:8000/api/encrypt/' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

我正在使用 axios 发布和获取请求。令人惊讶的是,即使在发出错误发布请求但获取请求失败之后。 这是使用 axios 的反应文件

sendImage =()=> {
     this.activateSpinner()
     let formData = new FormData()
     formData.append('to_be_hidden', this.state.files[0], this.state.files[0].name)
     formData.append('used_to_hide', this.state.files[1], this.state.files[1].name)
     axios.post('http://127.0.0.1:8000/api/encrypt/', formData, {
         headers: {
            'accept': 'application/json',
            'content-type': 'multipart/form-data'
         }
     })
     .then(resp=>{
         this.getImageClass(resp)
         console.log(resp.data.id)
     })
     .catch(err=>{
         console.log("Code broke at send image")
         console.log(err)
     })
 }

 getImageClass =(obj)=> {
     axios.get(`http://127.0.0.1:8000/api/encrypt/${obj.data.id}/`, {
         headers: {
            'accept': 'application/json',
         }
     })
     .then(resp=>{
         this.setState({recentImage:resp})
         console.log(resp)
     })
     .catch(err=>{
        console.log("Code broke at get image")
        console.log(err)
    })
    this.deactivateSpinner()

 }

【问题讨论】:

    标签: reactjs django django-rest-framework cross-domain django-cors-headers


    【解决方案1】:

    这绝对是后端的问题,我是说 Django。

    CORS_ALLOW_ALL_ORIGINS=True 设置CORS_ALLOW_ALL_ORIGINS 值后,还需要设置ALLOWED_HOSTS 的值。 例如 ALLOWED_HOSTS=['*']

    请查看以下链接。

    https://pypi.org/project/django-cors-headers/

    https://dzone.com/articles/how-to-fix-django-cors-error

    【讨论】:

      【解决方案2】:
      ALLOWED_HOSTS=['*']
      
      INSTALLED_APPS = [
          'django.contrib.admin',
           ...
          'corsheaders',
         
      ]
      
      MIDDLEWARE = [
          "django.middleware.security.SecurityMiddleware",
           ....
         
          "corsheaders.middleware.CorsMiddleware",
      ]
      
      CORS_ORIGIN_ALLOW_ALL = True
      
      CORS_ALLOW_CREDENTIALS = True
      
      
      CORS_ALLOW_METHODS = [
          "DELETE",
          "GET",
          "OPTIONS",
          "PATCH",
          "POST",
          "PUT",
      ]
      CORS_ALLOW_HEADERS = [
          "accept",
          "accept-encoding",
          "authorization",
          "content-type",
          "dnt",
          "origin",
          "user-agent",
          "x-csrftoken",
          "x-requested-with",
      ]
      

      【讨论】:

        猜你喜欢
        • 2019-11-08
        • 2020-11-26
        • 2020-03-03
        • 2020-04-16
        • 1970-01-01
        • 2019-12-05
        • 1970-01-01
        • 2020-01-24
        相关资源
        最近更新 更多