跨域请求-CORS

时间 2019-11-30

标签请求 cors 繁體版

原文原文链接

跨域请求 服务端设置便可
    1 浏览器的同源策略
    2 简单请求：发一次请求
        response['Access-Control-Allow-Origin'] = '*'
        response['Access-Control-Allow-Origin'] = 'http://127.0.0.1:8008,http://127.0.0.1:8009'
    2 非简单请求：发两次，一次预检（OPTIONS），第二次是真正的请求
        if request.method=='OPTIONS':
            response['Access-Control-Allow-Methods']='PUT,DELETE'
            response['Access-Control-Allow-Headers']='Content-Type'
    建议写再中间件里
    注释：里面尽可能不要写（*），都支持（*）

8001：ajax请求跨域html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    {% load static %}
    <script src="{% static 'jquery-3.3.1.js' %}"></script>
    <title>Title</title>
</head>
<body>
<button id="mybutton">点我</button>
</body>
<script>
    $("#mybutton").click(function () {
        $.ajax({
            url:'http://127.0.0.1:8000/mytest/',
            type:'get',
            headers:{'k1':'dddd'},
            success:function (data) {
                console.log(data)
            }
        })
    })
</script>
</html>

8000：服务端配置跨域jquery

    settings: 中间件配置
    'app01.mymiddle.MyMiddle'
    
    mymiddle：新建中间件文件：
    from django.utils.deprecation import MiddlewareMixin

    class MyMiddle(MiddlewareMixin):
        def process_response(self, request, response):
            if request.method == 'OPTIONS':
                response['Access-Control-Allow-Methods'] = 'PUT'
                response['Access-Control-Allow-Headers'] = 'k1'
            response['Access-Control-Allow-Origin'] = '*'
            return response