buildafrica / backend-api

Backend API for Missing Persons Project
https://wecodeafrica.github.io/

Update django-cors-headers to 3.0.0 #105

Closed pyup-bot closed 5 years ago

pyup-bot commented 5 years ago

This PR updates django-cors-headers from 2.5.2 to 3.0.0.

Changelog

### 3.0.0

```
------------------

* ``CORS_ORIGIN_WHITELIST`` now requires URI schemes, and optionally ports.
  This is part of the CORS specification
  (`Section 3.2 <https://tools.ietf.org/html/rfc6454section-3.2>`_) that was not
  implemented in this library, except from with the
  ``CORS_ORIGIN_REGEX_WHITELIST`` setting. It fixes a security issue where the
  CORS middleware would allow requests between schemes, for example from
  insecure ``http://`` Origins to a secure ``https://`` site.

  You will need to update your whitelist to include schemes, for example from
  this:

  .. code-block:: python

      CORS_ORIGIN_WHITELIST = ['example.com']

  ...to this:

  .. code-block:: python

      CORS_ORIGIN_WHITELIST = ['https://example.com']

* Removed the ``CORS_MODEL`` setting, and associated class. It seems very few,
  or no users were using it, since there were no bug reports since its move to
  abstract in version 2.0.0 (2017-01-07). If you *are* using this
  functionality, you can continue by changing your model to not inherit from
  the abstract one, and add a signal handler for ``check_request_enabled`` that
  reads from your model. Note you'll need to handle the move to include schemes
  for Origins.
```

### 2.5.3

```
------------------

* Tested on Django 2.2. No changes were needed for compatibility.
* Tested on Python 3.7. No changes were needed for compatibility.
```

Links

- PyPI: https://pypi.org/project/django-cors-headers
- Changelog: https://pyup.io/changelogs/django-cors-headers/
- Repo: https://github.com/ottoyiu/django-cors-headers
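The following is an added example, not part of this PR and not code from django-cors-headers. It is a simplified model of why scheme-less whitelist entries let an ``http://`` Origin through to an ``https://`` site, plus a pre-upgrade audit of a whitelist. The function names and the sample settings are assumptions made for illustration.

```python
from urllib.parse import urlsplit


def host_only_match(origin_header, whitelist):
    """Simplified model of scheme-less matching: only host[:port] is compared."""
    return urlsplit(origin_header).netloc in whitelist


def origin_match(origin_header, whitelist):
    """Scheme-aware matching: the full origin (scheme://host[:port]) must be listed."""
    return origin_header in whitelist


def audit_whitelist(entries):
    """Return (entry, problem) pairs for entries that are not scheme://host[:port]."""
    problems = []
    for entry in entries:
        parts = urlsplit(entry)
        if not parts.scheme or not parts.netloc:
            problems.append((entry, "missing scheme or host"))
        elif parts.path or parts.query or parts.fragment:
            problems.append((entry, "origin must not carry path, query or fragment"))
    return problems


# Constructed sample settings (not taken from this repository).
OLD_WHITELIST = ["example.com", "localhost:8000"]
NEW_WHITELIST = ["https://example.com", "http://localhost:8000"]

if __name__ == "__main__":
    for origin in ("https://example.com", "http://example.com"):
        print(origin,
              "host-only:", host_only_match(origin, OLD_WHITELIST),
              "scheme-aware:", origin_match(origin, NEW_WHITELIST))
    for entry, problem in audit_whitelist(OLD_WHITELIST + ["https://example.com/"]):
        print("fix before upgrading:", repr(entry), "-", problem)
```

Running the audit against the project's own ``CORS_ORIGIN_WHITELIST`` before merging the upgrade shows which entries need a scheme added.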
pyup-bot commented 5 years ago

Closing this in favor of #107