我正在尝试为我的 django 服务器实现 cors 支持。
设置.py
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'userdetails.middleware.crossdomainxhr.XsSharing',
)
XS_SHARING_ALLOWED_CREDENTIALS = 'True'
XS_SHARING_ALLOWED_ORIGINS = '*'
XS_SHARING_ALLOWED_METHODS = ['POST','GET','OPTIONS', 'PUT', 'DELETE']
userdetails.middleware.crossdomainxhr.XsSharing' 正是https://gist.github.com/strogonoff/1369619中的代码
当我在 Chrome 中使用 ajax 脚本调用它时,我收到错误消息:'http://localhost:8002'访问控制允许的 Origin 不允许使用 Origin HTTP(我的本地 Web 服务器所在的位置)知道我在这里做错了什么吗?
ajax 脚本在这里:
<html lang="en">
<head>
<meta charset="utf-8" />
<script src="http://code.jquery.com/jquery-1.10.1.min.js"></script>
<script>
$(document).ready(function () {
var url = 'http://xx.xxx.x.xxx/api/user/register/';
alert("going to make call, see the request/response in browser debuger/inspector");
$.ajax({
type: "POST",
contentType: "application/json",
dataType: "application/json",
url: url,
data: JSON.stringify({
'firstName': 'Corsnew',
'lastName': 'Corsnew',
'email': 'corsnewe@cors.com',
'password': 'cors',
}),
processData: false,
//contentType: "application/json; charset=utf-8",
// accept: 'text/plan',
origin: 'localhost',
complete: function (data) {
console.dir(data);
}
});
});
</script>
<title></title>
</head>
<body>
</body>
</html>
对铬的反应是:
HTTP/1.1 200 OK
Date: Tue, 06 Aug 2013 07:33:09 GMT
Server: Apache/2.2.20 (Ubuntu)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Access-Control-Allow-Headers: Content-Type,*
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8