Is your feature request related to a problem? Please describe.
PWA development needs Access-Control-Allow-Origin headers. In production this should contain https://www.devday.de, for development on local machines it will need https://localhost:4200. The header can only contain one value so we need a server side whitelist of allowed origins.
Describe the solution you'd like
An Access-Control-Allow-Origin with an appropriate value and a way to configure acceptable Origins.
Additional context
There is a django-Middleware https://pypi.org/project/django-cors-headers/ that will probably provide the correct implementation. This needs to be integrated/tested.
Is your feature request related to a problem? Please describe. PWA development needs Access-Control-Allow-Origin headers. In production this should contain https://www.devday.de, for development on local machines it will need https://localhost:4200. The header can only contain one value so we need a server side whitelist of allowed origins.
Describe the solution you'd like An Access-Control-Allow-Origin with an appropriate value and a way to configure acceptable Origins.
Describe alternatives you've considered Setting a single header in the web server in front of the application. This is not sufficient because the header does only allow a single URL value (see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin)
Additional context There is a django-Middleware https://pypi.org/project/django-cors-headers/ that will probably provide the correct implementation. This needs to be integrated/tested.