#35573: CORS Policy Error with Specific Data in React and Django Application
------------------------+--------------------------------------
Reporter: Mahira | Owner: (none)
Type: Bug | Status: closed
Component: CSRF | Version: 5.0
Severity: Normal | Resolution: invalid
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------+--------------------------------------
Old description:
> CORS Policy Error with Specific Data in React and Django Application
>
> I'm experiencing an issue with CORS policy in my React frontend and
> Django backend application. The error message I'm receiving is:
>
> Access to fetch at backend URL' from origin 'frontend URL' has been
> blocked by CORS policy: No 'Access-Control-Allow-Origin' header is
> present on the requested resource. If an opaque response serves your
> needs, set the request's mode to 'no-cors' to fetch the resource with
> CORS disabled.
>
> I have configured all the CORS Configuration in settings.py
>
> MIDDLEWARE = [
> 'corsheaders.middleware.CorsMiddleware',
> 'django.middleware.security.SecurityMiddleware',
> 'django.contrib.sessions.middleware.SessionMiddleware',
> 'django.middleware.common.CommonMiddleware',
> 'django.middleware.csrf.CsrfViewMiddleware',
> 'django.contrib.auth.middleware.AuthenticationMiddleware',
> 'django.contrib.messages.middleware.MessageMiddleware',
> 'django.middleware.clickjacking.XFrameOptionsMiddleware',
> 'whitenoise.middleware.WhiteNoiseMiddleware',
> ]
>
> CORS_ORIGIN_ALLOW_ALL = True
>
> CORS_ALLOW_METHODS = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS']
>
> CORS_ALLOW_HEADERS = [
> 'accept',
> 'accept-encoding',
> 'authorization',
> 'content-type',
> 'dnt',
> 'origin',
> 'user-agent',
> 'x-csrftoken',
> 'x-requested-with',
> ]
> Installed apps also 'corsheader' is added
>
> The problem is i am getting this issue for only one data not for all data
New description:
CORS Policy Error with Specific Data in React and Django Application
I'm experiencing an issue with CORS policy in my React frontend and Django
backend application. The error message I'm receiving is:
Access to fetch at backend URL' from origin 'frontend URL' has been
blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present
on the requested resource. If an opaque response serves your needs, set
the request's mode to 'no-cors' to fetch the resource with CORS disabled.
I have configured all the CORS Configuration in settings.py
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'whitenoise.middleware.WhiteNoiseMiddleware',
]
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_METHODS = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS']
CORS_ALLOW_HEADERS = [
'accept',
'accept-encoding',
'authorization',
'content-type',
'dnt',
'origin',
'user-agent',
'x-csrftoken',
'x-requested-with',
]
Installed apps also 'corsheader' is added
The problem is i am getting this issue for only one data not for all data
--
Comment (by Mahira):
I am getting CORS Issue even after i configured cors-header lib its
happening for Some Specific Data not for all the Data
For Example if I have edit/1 -> Data id i can able to edit i am getting
200 Status
IF I am editing edit/2 -> its throwing CORS Issue in console and its
given 403 Status what might be the issue
--
Ticket URL: <https://code.djangoproject.com/ticket/35573#comment:3>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/0107019076fc15d3-c9e2f85c-3ce1-483a-87ae-1325e08700ed-000000%40eu-central-1.amazonses.com.
