完全错误:
Access to XMLHttpRequest at 'https://[redacted]/api/get_match_urls/' from origin 'https://trello.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
我在trello.com上通过扩展进行API调用
我的corsheaders
中有INSTALLED_APPS
。我的中间件中有尽可能高的'corsheaders.middleware.CorsMiddleware'
。我把CORS_ORIGIN_ALLOW_ALL
设置为True
。是的,我试过另一个别名CORS_ALLOW_ALL_ORIGINS
,但仍然不起作用。有人有什么想法吗
MIDDLEWARE = [
'debug_toolbar.middleware.DebugToolbarMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
我看了一下
corsheaders.middleware.CorsMiddleware
,似乎如果您设置了CORS_ALLOW_ALL_ORIGINS
而不是CORS_ALLOW_CREDENTIALS
,它将返回Access-Control-Allow-Origin: *
,但是如果您也设置了CORS_ALLOW_CREDENTIALS
,那么它将从请求头返回原点下面是代码中实现这一点的部分
另一个想法是使用
CORS_ALLOWED_ORIGIN_REGEXES
,例如相关问题 更多 >
编程相关推荐