Closed Pomax closed 8 years ago
This adds the CORS var that tells Django to allow withCredentials() and CSRF tokens when hitting a route with an HTTP write verb (POST/PUT/DELETE/etc)
withCredentials()
@Pomax looks like tests are failing
yeah the old test needed an update (anything hitting /api/... gets CORS cleared specifically on its own domain, not on *)
/api/...
*
lgtm r+
This adds the CORS var that tells Django to allow
withCredentials()
and CSRF tokens when hitting a route with an HTTP write verb (POST/PUT/DELETE/etc)