search

pixelpassion / django-saas-boilerplate

A Django + django-rest-framework + Heroku + SaaS application boilerplate
MIT License
51 stars 10 forks source link

Cors handling update #20

Closed AntonDnepr closed 4 years ago

AntonDnepr commented 4 years ago

😱 What is happening? What did you expect instead?

Cors not working for frontend. Proposed chat solution:

from corsheaders.defaults import default_headers

CORS_ORIGIN_ALLOW_ALL = env.bool("CORS_ORIGIN_ALLOW_ALL", default=False)

CORS_ORIGIN_WHITELIST = CSRF_TRUSTED_ORIGINS = env.list("CORS_ORIGIN_WHITELIST")

CORS_ALLOW_CREDENTIALS = True

CORS_ALLOW_HEADERS = default_headers + (
    "If-None-Match",
    "Last-Modified",
    "Accept-Language",
    "If-Modified-Since",
    "Access-Control-Allow-Origin",
)

CORS_EXPOSE_HEADERS = (
    "ETag",
    "Last-Modified",
    "HTTP_X_RESPONSE_ID",
    "HTTP_GIT_BRANCH",
    "Access-Control-Expose-Headers",
)

☝️ Steps to reproduce

🐛 More details (Sentry link, etc.)

🚨 Priority

AntonDnepr commented 4 years ago

Should work after https://github.com/pixelpassion/django-rest-boilerplate/pull/22