DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Partner Zones AWS Cloud
by AWS Developer Relations
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Partner Zones
AWS Cloud
by AWS Developer Relations

Trending

  • Seven Steps To Deploy Kedro Pipelines on Amazon EMR
  • Health Check Response Format for HTTP APIs
  • Microservices With Apache Camel and Quarkus (Part 2)
  • Introduction To Git

Trending

  • Seven Steps To Deploy Kedro Pipelines on Amazon EMR
  • Health Check Response Format for HTTP APIs
  • Microservices With Apache Camel and Quarkus (Part 2)
  • Introduction To Git
  1. DZone
  2. Coding
  3. Frameworks
  4. How to Fix Django CORS Error

How to Fix Django CORS Error

Fix Django Cors error using django-cors-headers

Shital Kat user avatar by
Shital Kat
·
Sep. 08, 20 · Code Snippet
Like (6)
Save
Tweet
Share
99.94K Views

Join the DZone community and get the full member experience.

Join For Free

One of the common errors we get each time when we consume Django API is CORS error.
The error might say something like: Access to XMLHttpRequest at 'url’' from origin  has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Django comes with a bunch of securities. CORS (Cross-origin resource sharing) permission requirest is one of them.  A request for a resource outside of the origin is known as a cross-origin request. The web page from outside the domain is requesting Django to share its resources. And Django is not giving permission.

i.e. Access to Django page and resource has blocked by CORS policy.

Now, let's see how to give a permission and solve the error in Just 4 steps:

Step 1 - Install django-cors-headers

Shell
 




xxxxxxxxxx
1


 
1
pip install django-cors-headers



Step 2 - Add corsheader  to the Installed App list in settings.py 

Python
xxxxxxxxxx
1
 
1
INSTALLED_APPS = [
2
    ...
3
    'corsheaders',
4
    ...
5
]
6


Step 3 -  Add CorsMiddleware to middleware list in settings.py

Python
xxxxxxxxxx
1
 
1
MIDDLEWARE = [
2
    ...
3
    'corsheaders.middleware.CorsMiddleware',
4
    ...
5
]


Step 4 - You have two alternatives here. Either follow Option A or Option B

Step 4 ( Option A) - Allow access to all domains by just Adding the following variables in settings.py:

Python
xxxxxxxxxx
1
 
1
ALLOWED_HOSTS=['*']
2
CORS_ORIGIN_ALLOW_ALL = True


Step 4 ( Option B) - Do not allow access to all the domains, but the one which you are consuming the API. Add following variables in settings.py

Python
x
 
1
ALLOWED_HOSTS=['http://localhost:5000']
2
               
3
CORS_ORIGIN_ALLOW_ALL = False
4
CORS_ORIGIN_WHITELIST = (
5
       'http://localhost:5000',
6
)


You are good to go now. Thanks for reading

Django (web framework)

Opinions expressed by DZone contributors are their own.

Trending

  • Seven Steps To Deploy Kedro Pipelines on Amazon EMR
  • Health Check Response Format for HTTP APIs
  • Microservices With Apache Camel and Quarkus (Part 2)
  • Introduction To Git

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com

Let's be friends: