New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cannot POST files using CORS_ALLOW_CREDENTIALS = True
and CORS_ORIGIN_ALLOW_ALL = True
#601
Comments
Closing due to age. There's not enough information here to determine the bug, but it's probably a CSRF issue. The blocked response should be read in network tools to check. |
@Myzel394 did you ever solve this? I am having this issue as well |
@JMIdeaMaker I found a workaround for my case. I started chrome without security features. This way everything suddenly worked without any cors pain. But keep in mind, that if you are using multiple domains, you still have to find a solution for this. This here will only work in development and in production when your frontend and backend is on the same domain. EDIT |
Never EVER use Chrome with |
It's just for debugging purposes. When you're not using it for everyday
surfing, there should nothing be to worried about.
…On Sun, Jun 20, 2021, 10:54 Adam Johnson ***@***.***> wrote:
Never EVER use Chrome with --disable-web-security, or advise others to do
so.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#601 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AMAWUXGMTJACJDU3LN4DTRLTTWUDPANCNFSM4VBMXKGQ>
.
|
I'm also having this issue |
django-cors-headers
and followed docsHere are my setting
When I now try to upload files (
Content-Type = multipart/form-data
), I get the following error:Firefox:
Chrome:
I checked it and indeed, the
Access-Control-Allow-Origin'
header is missing. I configured everything according to docs, so I think this must be an issue. Please let me know if you know a solution to this.The text was updated successfully, but these errors were encountered: