【发布时间】:2019-09-28 01:19:47
【问题描述】:
使用 axios 访问 django Rest API 出现以下错误
从源“http://localhost:8080”访问“http://api.localhost:8080/auth/register-shop/”处的 XMLHttpRequest 已被 CORS 策略阻止:预检响应中的 Access-Control-Allow-Headers 不允许请求标头字段 access-control-allow-origin .
我在此链接https://pypi.org/project/django-cors-headers/ 中添加了 django cors 标头
前端页面
axios({
method: 'post',
url: 'http://api.localhost:8080/auth/register-shop/',
//url: 'http://api.yuniq.ml/auth/register-shop/',
headers: {
"Access-Control-Allow-Origin": "*",
"content-type": "application/json"
},
data: {
"name": Name,
"address": Address,
"city": City,
"postalC ode": PostalCode,
"telephone": Telephone,
"openTime": Opentime,
"closeTime": Closetime,
"image_url": Image_url //still not working
}
}).then(function (response) {
console.log(response);
})
.catch(function (error) {
console.log(error);
});
}
settings.py
INSTALLED_APPS = ['corsheaders']
MIDDLEWARE = [
'django_hosts.middleware.HostsRequestMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'corsheaders.middleware.CorsMiddleware' , #add cors middleware
'django.middleware.common.CommonMiddleware',
'corsheaders.middleware.CorsPostCsrfMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django_hosts.middleware.HostsResponseMiddleware',
]
CORS_ORIGIN_ALLOW_ALL = True
执行此操作后错误未解决
【问题讨论】:
-
检查 settings.py 中的 ALLOWED_HOSTS。将其设置为此 ALLOWED_HOSTS = ["*"]
-
还在 settings.py 中添加了 ALLOWED_HOSTS = ['*']
-
从前端 JavaScript 代码中的 axios 调用中删除
Access-Control-Allow-Origin": "*"。 -
你不能从 django 视图中为你的响应添加访问控制吗?
response = HttpResponse(json.dumps(string)) response["Access-Control-Allow-Origin"] = "*" return response -
仍然出现同样的错误
标签: django django-rest-framework cors axios django-cors-headers