background:
On the login interface, there are obviously files that have not been loaded. I checked the network, but there was no 404. I checked the console, and saw a bunch of explosions.
The console reports the following error:
Refused to execute script from '<URL>' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
127.0.0.1/:1 Refused to execute script from 'http://127.0.0.1:8001/static/admin/simpleui-x/js/vue.min.js?_=2021.4.3' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
127.0.0.1/:1 Refused to execute script from 'http://127.0.0.1:8001/static/admin/simpleui-x/elementui/index.js?_=2021.4.3' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
127.0.0.1/:1 Refused to execute script from 'http://127.0.0.1:8001/static/admin/simpleui-x/js/login.js?_=3.3' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
127.0.0.1/:1 Refused to execute script from 'http://127.0.0.1:8001/static/admin/simpleui-x/particles/particles.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
127.0.0.1/:1 Refused to execute script from 'http://127.0.0.1:8001/static/admin/simpleui-x/particles/app.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.Find the reason and summarize it as follows:
The first type of error is:
Refused to display ‘http://localhost:8000/cdny/student_manage/’ in a frame because it set ‘X-Frame-Options’ to ‘deny’.
Solution:
Add a configuration in settings.py:
X_FRAME_OPTIONS = 'SAMEORIGIN'
# DENY :表示该页面不允许在 frame 中展示,即便是在相同域名的页面中嵌套也不允许
# SAMEORIGIN :表示该页面可以在相同域名页面的 frame 中展示
# ALLOW-FROM uri :表示该页面可以在指定来源的 frame 中展示 The second type of error is:
Refused to execute script from ‘http://127.0.0.1:8000/static/layui/layui.js’ because its MIME type (‘text/plain’) is not executable, and strict MIME type checking is enabled.
Solution:
Add a configuration in settings.py:
SECURE_CONTENT_TYPE_NOSNIFF = False
This X-Content-Type-Options is nosniff, misinterpreted: When you request a file from raw.githubusercontent.com, gist.githubusercontent.com, bitbucket.org or gitlab.com, they usually provide (in JavaScript, HTML, CSS , and in the case of some other file types) use a Content-Type of text/plain. As a result, most modern browsers don't actually interpret it as JavaScript, HTML, or CSS.
Another situation may be that the Windows system does not know when the registry is damaged, and the file type with the extension js is registered as 'text/plain', which should be 'application/javascript'.
To solve this problem, please add the following code at the end of the Django
project setting.py to force Django to use 'application/javascript' as the js file type . The third solution:
#在settings.py末尾加入
import mimetypes
mimetypes.add_type('text/css', '.css')
mimetypes.add_type('application/javascript', '.js')focus:
Clear the browser cache, otherwise it will not take effect immediately! ! !
Effect:
Amitabha