DJANGO REST框架(DRF) + VUEJS的基本CORS设置:
# Settings.py:
...
CORS_ORIGIN_ALLOW_ALL = False
CORS_ALLOWED_ORIGINS = [
"http://localhost:5173",
]
CSRF_TRUSTED_ORIGINS = [
"http://localhost:5173",
]
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_HEADERS = [
"accept",
"authorization",
"content-type",
"user-agent",
"x-csrftoken",
"x-requested-with",
"x-xsrf-token"]
...
在使用它们之前,请阅读这些操作。我对使用这些设置可能引起的任何安全问题概不负责。
我遇到的错误:
Reason: expected ‘true’ in CORS header ‘Access-Control-Allow-Credentials