我一直在嘗試django-cors-middleware幾天,但我無法弄清楚如何設置它。
任何人都可以告訴我我做錯了嗎?
以下是我正在使用的測試項目設置。
django-cors-middleware不工作
- Django的版本:1.10.3
- 蟒蛇版本:3.5.2
- 項目名稱:cors_test
- 應用程序名稱:appone
appone/urls.py
urlpatterns = [ url(r'^$', views.test_cors, name='test_cors'), ]
appone/views.py
def test_cors(request): return render(request, 'appone/test.html', {})
appone /模板/ appone /的test.html
<html> <script type="text/javascript"> var url = 'https://www.google.co.jp/?gfe_rd=cr&ei=BuxgWJ-_LIyL8QfIgYe4BQ'; var xhr = new XMLHttpRequest(); xhr.open('GET', url, true); xhr.onload = function() { var responseText = xhr.responseText; console.log(responseText); }; xhr.onerror = function() { console.log('There was an error!'); }; xhr.send(); </script> </html>
settings.py
INSTALLED_APPS = [ 'corsheaders', 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'appone' ] MIDDLEWARE = [ 'corsheaders.middleware.CorsMiddleware', 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', ] CORS_ORIGIN_ALLOW_ALL = True
就是這樣!這是每一個設置,我通過
跑服務器python manage.py runserver
下面是我得到通過上述從控制檯
- 錯誤運行,
(index):1 XMLHttpRequest無法加載 https://www.google.co.jp/?gfe_rd=cr&ei=BuxgWJ-_LIyL8QfIgYe4BQ。否 「訪問控制 - 允許來源」標題出現在請求的 資源中。因此,'http://127.0.0.1:8000'不允許 訪問。
(index):14出現錯誤!
請求頭
:authority:www.google.co.jp :method:GET :path:/?gfe_rd=cr&ei=BuxgWJ-_LIyL8QfIgYe4BQ :scheme:https accept:*/* accept-encoding:gzip, deflate, sdch, br accept-language:ja,en-US;q=0.8,en;q=0.6 cache-control:no-cache origin:http://127.0.0.1:8000 pragma:no-cache referer:http://127.0.0.1:8000/ user-agent:Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 x-client-data:CJe2yQEIpbbJAQjEtskBCPucygEIqZ3KAQ==
響應頭
alt-svc:quic=":443"; ma=2592000; v="35,34" cache-control:private, max-age=0 content-encoding:gzip content-type:text/html; charset=UTF-8 date:Mon, 26 Dec 2016 10:48:37 GMT expires:-1 p3p:CP="This is not a P3P policy! See https://www.google.com/support/accounts/answer/151657?hl=en for more info." server:gws set-cookie:NID=93=Mg89hJyAP7FyVu5AT9RzCWxyPndiWPZdKTDgipYBJhJwEBRXdMLTa5aPOBvLjVW6mwUCY1qSaOnPPIlqMvT2x1VjdoPhdlyK67ufk5bOFJJC9eKaEtfngw2xWBhSTSyI; expires=Tue, 27-Jun-2017 10:48:37 GMT; path=/; domain=.google.co.jp; HttpOnly status:200 x-frame-options:SAMEORIGIN x-xss-protection:1; mode=block
一般
Request URL:https://www.google.co.jp/?gfe_rd=cr&ei=BuxgWJ-_LIyL8QfIgYe4BQ Request Method:GET Status Code:200 Remote Address:216.58.197.195:443
http://stackoverflow.com/questions/38355526/django-1-9-django-cors-headers-ajax-not-working –
我覺得我的問題類似於上面的鏈接,但鏈接的解決方案did not help =/ –
'django-cors-middleware'允許您控制從不同域訪問您的Django應用程序。它不允許您控制從Django應用程序訪問google.co.jp。您不控制google.co.jp返回的標題,因此您無法使用中間件啓用cors。 – Alasdair