Flask和Django中解决跨域请求问题

Flask解决跨域

1. 下载flask_cors包

   pip install flask-cors
   

2. 使用flask_cors的CORS，代码示例

   from flask_cors import *
   app = Flask(__name__)
   CORS(app, supports_credentials=True)
   

Flask-CORS文档: https://flask-cors.readthedocs.io/en/latest/

Django解决跨域

1. 安装django-cors-headers

   pip install django-cors-headers
   

2. 修改settings.py

   INSTALLED_APPS = [
       ...
       'corsheaders'，
       ...
   ]
   MIDDLEWARE_CLASSES = (
       'django.middleware.security.SecurityMiddleware',
       'django.contrib.sessions.middleware.SessionMiddleware',
       'corsheaders.middleware.CorsMiddleware', # 添加这一行
       'django.middleware.common.CommonMiddleware',
       # 'django.middleware.csrf.CsrfViewMiddleware', 注释这一行
       'django.contrib.auth.middleware.AuthenticationMiddleware',
       'django.contrib.messages.middleware.MessageMiddleware',
       'django.middleware.clickjacking.XFrameOptionsMiddleware',
   )
   # 跨域增加忽略
   CORS_ALLOW_CREDENTIALS = True #  指明在跨域访问中，后端是否支持对cookie的操作
   CORS_ORIGIN_ALLOW_ALL = True # 允许所有主机请求你的API
   CORS_ORIGIN_WHITELIST = ( # 跨域请求白名单，为空时默认为全部
       'http://127.0.0.1:8080',
       'http://localhost:8080',
   )
   CORS_ALLOW_METHODS = (
       'DELETE',
       'GET',
       'OPTIONS',
       'PATCH',
       'POST',
       'PUT',
       'VIEW',
   )
   CORS_ALLOW_HEADERS = (
       'XMLHttpRequest',
       'X_FILENAME',
       'accept-encoding',
       'authorization',
       'content-type',
       'dnt',
       'origin',
       'user-agent',
       'x-csrftoken',
       'x-requested-with',
   )