Python CORS标题不存在,尽管已明确添加到响应中
我有一个Django服务器,我正试图为它实现会话。上周,由于以下原因,get请求突然被拒绝,一切正常:Python CORS标题不存在,尽管已明确添加到响应中,python,django,cors,Python,Django,Cors,我有一个Django服务器,我正试图为它实现会话。上周,由于以下原因,get请求突然被拒绝,一切正常: Access to fetch at 'http://localhost:8000/<URL> from origin 'http://localhost:3000' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Credentials' header in the response
Access to fetch at 'http://localhost:8000/<URL> from origin 'http://localhost:3000' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'.
我的settings.py
似乎配置正确,在INSTALLED_APPS
中有corsheaders
和django.contrib.sessions
以及corsheaders.middleware.corsmidleware
和django.contrib.sessions.middleware.sessions
中间件中有
请求如下:
...
fetch(query_url, {credentials: 'include'}).then(d => {
if( d.status === 200 ) {
<do stuff>
}
})
。。。
获取(查询url,{credentials:'include'})。然后(d=>{
如果(d.状态===200){
}
})
我错过什么了吗?我正在使用django 2.1,不幸的是现在无法升级。在重新阅读包的文档后,我意识到问题在于我的设置中缺少此配置。py
:
CORS_ALLOW_CREDENTIALS = True
一个非常愚蠢的错误。我将把这个问题留给别人,以防其他人遇到同样的问题
CORS_ALLOW_CREDENTIALS = True