Comments (9)
beneshed
commented on August 19, 2024
Also i've been trying to log through it and seems that only the request is being processed, but not the response
from django-cors-headers.
ottoyiu
commented on August 19, 2024
Can you perhaps paste some of those logs to help with the debugging?
from django-cors-headers.
d0nezer0
commented on August 19, 2024
@ottoyiu :
I got the settings like @thebenwaters , and I call my login url and pass the username and password arguements. But it returns a 403 "NetworkError: 403 FORBIDDEN - http://sso.acttao.com:8888/zgxcw/login/".
My login view returns a url at first. ------return redirect('zg_login')
After, I return a response and still returns the 403.
the CORS url must return a response?
what might causes my issue?
Thanks a lot. Need help urgently.
from django-cors-headers.
d0nezer0
commented on August 19, 2024
It does not need to return a response object.
the reason is the shot of settings .
The settings of mine is below.
CORS_ORIGIN_ALLOW_ALL and CORS_ORIGIN_WHITELIST choose one is OK .
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = False
CORS_ORIGIN_WHITELIST = (
'zgxcw.acttao.com:8002',
'hostname.example.com'
)
At first I lost CORS_ALLOW_CREDENTIALS = True.
and I checked the source code middleware.py
line 57:
response[ACCESS_CONTROL_ALLOW_ORIGIN] = "*" if (
settings.CORS_ORIGIN_ALLOW_ALL and
not settings.CORS_ALLOW_CREDENTIALS) else origin
from django-cors-headers.
d0nezer0
commented on August 19, 2024
403 again!
I didnot find the real reason of 403.
from django-cors-headers.
d0nezer0
commented on August 19, 2024
I hope can help someone with my fail log.
Now, I pass the arguements (username and passwd) from a site to server site,
and called the login function.
But did not login successfully.
I thought might be the cookie did not set successfully.
If anyone has a suggestion is welcome.
from django-cors-headers.
brad
commented on August 19, 2024
There are a plethora of reasons you might be getting a 403. For me, the fix was to set the withCredentials XHR option to true. A jquery example:
$.ajax({
url: a_cross_domain_url,
xhrFields: {
withCredentials: true
}
});from django-cors-headers.
d0nezer0
commented on August 19, 2024
@brad
Thanks for your suggestion.
I did my project whitout cross domain this time .
I would like to check it with my spare time.
from django-cors-headers.
adamchainz
commented on August 19, 2024
Closing due to inactivity
from django-cors-headers.
Related Issues (20)
- On Django 4.1, HOT 1
- 'CORS Missing Allow Origin' response despite settings aligned to documentation and links HOT 6
- i stll see this erorr Access to font at 'https://fra1.digitaloceanspaces.com/ewan-space/ewan/static/admin/fonts/Roboto-Regular-webfont.woff' from origin 'http://127.0.0.1:9000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. HOT 1
- Allow to have a list of patterns for `CORS_URLS_REGEX` HOT 1
- Listing Origin, DNT, or Accept-Encoding as allowed request headers is never necessary HOT 1
- No "Access-Control-Allow-Origin" in response despite all being set properly HOT 19
- Access-Control-Allow-Credentials absent from response headers HOT 1
- Django CORS issue with VUE HOT 1
- Request is lacking Cookie, csrftoken, sessionid after hitting the back. HOT 2
- How to set Access-Control-Allow-Origin for "chrome-extension://*" HOT 1
- Access to XMLHttpRequest from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. HOT 1
- [help]Unable to set CORS headers after configuring the library HOT 6
- origin not in headers HOT 2
- Incompatible with Daphne under ASGI HOT 5
- check_request_enabled.send() should not be called from an async context HOT 2
- no "Access-Control-Allow-Origin" when open site from google HOT 4
- No "Access-Control-Allow-Origin" on fresh django project HOT 2
- CORS stop working on cloud editors like Gitpod HOT 1
- High Security Vulnerability on dependency (sqlparse version 0.4.4) with risk of Denial of Service HOT 1
- CSRF Errors with Cloudflare HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from django-cors-headers.