csrf

Others 2022-04-21 21:00:50 views: 0 
    
            8. csrf
                
                class Cors(MiddlewareMixin):
                    def process_response(self, request, response):
                        response['Access-Control-Allow-Origin'] = ','.join(settings.CORS_ORIGIN_LIST)
                        if request.method == 'OPTIONS':
                            response['Access-Control-Allow-Methods'] =  ','.join(settings.CORS_METHOD_LIST)
                            response['Access-Control-Allow-Headers'] = ','.join(settings.CORS_HEADER_LIST)
                            response[ ' Access-Control-Allow-Credentials ' ] = ' true ' 
                            #Corresponding to xhrFields in the browser: { withCredentials: true} #It 
                            should be noted that: when the server-side Access-Control-Allow-Credentials = true, the parameter Access- The value of Control-Allow-Origin cannot be '*'.

                        return response

 

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=324605509&siteId=291194637
Recommended
Ranking
PAT Level B 1094 Google's Recruitment (20 points) Python
Old Wei wins the offer to take you to learn --- brush (integer number 31. 1 appears) title series
Bilibili: Barrage Screening: Baijiaxing: Import XML directly
개체 배열 중복 제거
matplotlib—patches.Circle
[Observation] It is also a cordless vacuum cleaner, why does Dyson V10 dare to sell 4990 yuan?
0410
Apache Kafka message delivery reliability analysis
How hotel occupancy records inquiry etj
Essential knowledge for getting started with speculating in spot silver
Daily
More
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)
2024-04-20(6)
2024-04-19(5)

Code World

© 2018 codetd.com