django允许post跨域访问-阿里云开发者社区

django允许post跨域访问

2017-11-07 1431

版权

本文内容由阿里云实名注册用户自发贡献，版权归原作者所有，阿里云开发者社区不拥有其著作权，亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容，填写侵权投诉表单进行举报，一经查实，本社区将立刻删除涉嫌侵权内容。

简介：

用django写的api，供第三方调用，但是出现个问题

一，问题

1.用form表单提交ok

2.用ajax方式显示失败，如下提示

==================================================================

XMLHttpRequest cannot load http://www.itnihao.com/api，Origin null is not allowed by Access-Control-Allow-Origin.

==================================================================

以上提示信息是跨域访问验证失败，因为django不允许这种跨域访问

二，解决办法

进入项目目录，新建文件

#mkidr middleware

#touch middleware/__init.py__

#vim middleware/crossdomainxhr.py

 
        from 
        django 
        import 
        http 
       
        try
        : 
       
        from 
        django.conf 
        import 
        settings 
       
        XS_SHARING_ALLOWED_ORIGINS 
        = 
        settings.XS_SHARING_ALLOWED_ORIGINS 
       
        XS_SHARING_ALLOWED_METHODS 
        = 
        settings.XS_SHARING_ALLOWED_METHODS 
       
        XS_SHARING_ALLOWED_HEADERS 
        = 
        settings.XS_SHARING_ALLOWED_HEADERS 
       
        XS_SHARING_ALLOWED_CREDENTIALS 
        = 
        settings.XS_SHARING_ALLOWED_CREDENTIALS 
       
        except 
        AttributeError: 
       
        XS_SHARING_ALLOWED_ORIGINS 
        = 
        '*' 
       
        #XS_SHARING_ALLOWED_METHODS = ['POST', 'GET', 'OPTIONS', 'PUT', 'DELETE'] 
       
        XS_SHARING_ALLOWED_METHODS 
        = 
        [
        'POST'
        , 
        'GET'
        ] 
       
        XS_SHARING_ALLOWED_HEADERS 
        = 
        [
        'Content-Type'
        , 
        '*'
        ] 
       
        XS_SHARING_ALLOWED_CREDENTIALS 
        = 
        'true' 
       
        class 
        XsSharing(
        object
        ): 
       
        """ 
       
        This middleware allows cross-domain XHR using the html5 postMessage API. 
       
        Access-Control-Allow-Origin: http://foo.example 
       
        Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE 
       
        Based off https://gist.github.com/426829 
       
        """ 
       
        def 
        process_request(
        self
        , request): 
       
        if 
        'HTTP_ACCESS_CONTROL_REQUEST_METHOD' 
        in 
        request.META: 
       
        response 
        = 
        http.HttpResponse() 
       
        response[
        'Access-Control-Allow-Origin'
        ]  
        = 
        XS_SHARING_ALLOWED_ORIGINS 
       
        response[
        'Access-Control-Allow-Methods'
        ] 
        = 
        ","
        .join( XS_SHARING_ALLOWED_METHODS ) 
       
        response[
        'Access-Control-Allow-Headers'
        ] 
        = 
        ","
        .join( XS_SHARING_ALLOWED_HEADERS ) 
       
        response[
        'Access-Control-Allow-Credentials'
        ] 
        = 
        XS_SHARING_ALLOWED_CREDENTIALS 
       
        return 
        response 
       
        return 
        None 
       
        def 
        process_response(
        self
        , request, response): 
       
        response[
        'Access-Control-Allow-Origin'
        ]  
        = 
        XS_SHARING_ALLOWED_ORIGINS 
       
        response[
        'Access-Control-Allow-Methods'
        ] 
        = 
        ","
        .join( XS_SHARING_ALLOWED_METHODS ) 
       
        response[
        'Access-Control-Allow-Headers'
        ] 
        = 
        ","
        .join( XS_SHARING_ALLOWED_HEADERS ) 
       
        response[
        'Access-Control-Allow-Credentials'
        ] 
        = 
        XS_SHARING_ALLOWED_CREDENTIALS 
       
        return 
        response

在settings.py添加（MIDDLEWARE_CLASSES这里添加）

 
        'middleware.crossdomainxhr.XsSharing'
        ,

本文转自it你好 51CTO博客，原文链接：http://blog.51cto.com/itnihao/1324962，如需转载请自行联系原作者

django允许post跨域访问

热门文章

最新文章

相关课程

相关电子书

相关实验场景