You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've written a middleware to check the headers coming and I can't find origin header but i can see host header being passed.
I've added corsheaders in INSTALLED_APPS.
# CORS settings
CORS_ALLOW_CREDENTIALS = True
CORS_ORIGIN_ALLOW_ALL = False
CORS_ALLOWED_ORIGIN_REGEXES = [
r"^https://\w+\.MYSITE\.com$",
r"^http://\w+\.localhost\.\d+$",
]```
These are the headers I get
```Incoming Headers:
Host: subdomain.domain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: sessionid=hsovia6y05l4g5rnyggs7qsim8iv6vcx; csrftoken=6nbnI32tA3AGJaFmzGMYcRL6gRtZomr9
If-Modified-Since: Thu, 12 Oct 2023 12:36:43 GMT
If-None-Match: "6527be2b-1892"
Referer: https://subdomain.domain.com
Sec-Ch-Ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "Linux"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
X-Forwarded-For: 196.249.97.222
X-Forwarded-Host: subdomain.domain.com
X-Forwarded-Port: 443
X-Forwarded-Proto: https
X-Forwarded-Server: b726261d9bb0
X-Real-Ip: 196.249.97.222
The text was updated successfully, but these errors were encountered:
Understanding CORS
Python Version
3.11.3
Django Version
4.2.0
Package Version
4.3.0
Description
I've written a middleware to check the headers coming and I can't find
origin
header but i can seehost
header being passed.I've added
corsheaders
in INSTALLED_APPS.The text was updated successfully, but these errors were encountered: