解决跨域问题

Posted on   呱呱呱呱叽里呱啦  阅读(28)  评论(0编辑  收藏  举报

解决跨域问题

自定义中间件,重写process_response,给响应头添加字段和字段值,处理简单请求和非简单请求

from django.utils.deprecation import MiddlewareMixin
from django.conf import settings
class Cors_MiddleWare(MiddlewareMixin):
    def process_response(self,request,response):
        response['Access-Control-Allow-Origin'] = settings.CORS_ALLOW_ORIGIN
        if request.method == 'OPTIONS':
            response['Access-Control-Allow-Headers'] = settings.CORS_ALLOW_HEADERS

        return response



CORS_ALLOW_ORIGIN = '127.0.0.1:8080'

CORS_ALLOW_HEADERS = (
    "accept",
    "accept-encoding",
    "authorization",
    "content-type",
    "dnt",
    "origin",
    "user-agent",
    "x-csrftoken",
    "x-requested-with",
    'token',
)


MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'luffyapi.utils.cors_middleware.Cors_MiddleWare', 
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

或者使用第三方模块:pip install django-cors-headers

# 注册app
INSTALLED_APPS = [
    ...
    'corsheaders',
]

# 添加中间件
MIDDLEWARE = [
    ...
    'corsheaders.middleware.CorsMiddleware',
]

# 允许跨域源
CORS_ORIGIN_ALLOW_ALL = True

# 允许的请求头
CORS_ALLOW_HEADERS = (
    "accept",
    "accept-encoding",
    "authorization",
    "content-type",
    "dnt",
    "origin",
    "user-agent",
    "x-csrftoken",
    "x-requested-with",

    # 额外允许的请求头
    'token',
)

(评论功能已被禁用)
相关博文:
·  Django前后端通信
·  Django路由层
·  cors解决跨域请求 和cors-headers组件
·  关于前后端跨域问题的解决
·  解决前后端跨域问题
阅读排行:
· 分享一个免费、快速、无限量使用的满血 DeepSeek R1 模型,支持深度思考和联网搜索!
· 基于 Docker 搭建 FRP 内网穿透开源项目(很简单哒)
· ollama系列01:轻松3步本地部署deepseek,普通电脑可用
· 25岁的心里话
· 按钮权限的设计及实现
点击右上角即可分享
微信分享提示
AI IDE Trae