Django React CORS

Я уже установил django-cors-header и настроил settings.py таким образом:

ALLOWED_HOSTS = [
    'http://localhost:3000',
    'localhost'
]
CORS_ALLOWED_ORIGINS = [
    "http://localhost:3000"
]


# Application definition

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    "corsheaders",
    'rest_framework',
    'rest_framework_simplejwt',
    'service_get_data',
    'background_task',
    'service_append_data',
]

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    "corsheaders.middleware.CorsMiddleware",
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

и все же, когда я делаю GET запрос, я получаю эту ошибку:

Доступ к XMLHttpRequest на 'http://localhost:8000/login/csrf/' от origin 'http://localhost:3000' был заблокирован политикой CORS: The значение заголовка 'Access-Control-Allow-Credentials' в ответе '', которое должно быть 'true', когда режим мандатов запроса является 'include'. Режим учетных данных запросов, инициированных с помощью XMLHttpRequest, контролируется атрибутом withCredentials.
.

вот GET запрос:

axios.get('http://localhost:8000/login/csrf/', {withCredentials: true});

и Django View:

from django.middleware.csrf import get_token
from rest_framework.response import Response


class CsrfAPI(APIView):

    def get(self, request):
        response = Response({"message": "Set CSRF cookie"})
        response["X-CSRFToken"] = get_token(request)
        return response

Также вот ответ headers:

Access-Control-Allow-Origin: http://localhost:3000
Allow: GET, HEAD, OPTIONS
Content-Length: 29
Content-Type: application/json
Date: Mon, 06 Sep 2021 10:56:59 GMT
Referrer-Policy: same-origin
Server: WSGIServer/0.2 CPython/3.7.7
Set-Cookie: csrftoken=Exx4Qdt7aYP78EajkglHKwJ3O7rCcU8qp6dIvuLu070z8IYaaH8XQDmDzOhDqWn1; expires=Mon, 05 Sep 2022 10:56:59 GMT; Max-Age=31449600; Path=/; SameSite=Lax
Vary: Accept, Cookie, Origin
X-Content-Type-Options: nosniff
X-CSRFToken: PMW2N3vIqWS3QMmYafE008DMAnVbQrpWAlCGskN5g53vQQaP0Grg6fgml4Lc4tEx
X-Frame-Options: DENY

Вернуться на верх

Последние вопросы и ответы

How to resolve circular dependency error in django models

Django form field labels are not displaying in the template

REACT Component for Car Dealerships Page Not Visible

Failed to execute 'setRemoteDescription' on 'RTCPeerConnection' on webrtc

what has happened to the add view in Wagtail 6.x

Linked tables/models in Django - more than Foreign Keys

I am generating the pdf file in django, here i am using @font-face for USPSIPStandard for just one <p> tag, but it is affecting the whole pdf

Store ONNX Models in PostgreSQL with Django

Looking for Inspiration & Recommendations for My Upcoming POS Project using Django [closed]

In django transactions, what happens if an error is raised in on_commit?

Django React CORS

Последние вопросы и ответы

Рекомендуемые записи по теме