Answers for "django as been blocked by CORS policy: Request header field x-csrf-token is not allowed by Access-Control-Allow-Headers in preflight response. django"

-1

install crossheaders in django

pip install django-cors-headers

#Add corsheaders to installed applications in settings.py:

INSTALLED_APPS = [
    ...
    'corsheaders',
]

#Add corsheaders.middleware.CorsMiddleware to middleware section in settings.py:

MIDDLEWARE = [
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    ...

]

#Allow access to all domains by setting the following variable to TRUE in settings.py:
DEBUG = True

ALLOWED_HOSTS = []

CORS_ORIGIN_ALLOW_ALL = True
Posted by: Guest on September-29-2020

Code answers related to "django as been blocked by CORS policy: Request header field x-csrf-token is not allowed by Access-Control-Allow-Headers in preflight response. django"

Python Answers by Framework

Browse Popular Code Answers by Language