Disable CORS altogether.

This solves #4 better than dfc7c8b163
7 years ago · de4f49973f
parent dfc7c8b163
commit de4f49973f
2 changed files with 6 additions and 0 deletions
--- a/etesync_server/settings.py
+++ b/etesync_server/settings.py
@ -40,6 +40,7 @@ INSTALLED_APPS = [
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
+    'corsheaders',
    'rest_framework',
    'rest_framework.authtoken',
    'journal.apps.JournalConfig',
@ -48,6 +49,7 @@ INSTALLED_APPS = [
 MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
+    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
@ -130,3 +132,6 @@ STATIC_URL = '/static/'
 JOURNAL_API_PERMISSIONS = (
        'rest_framework.permissions.IsAuthenticated',
        )
+
+# Cors
+CORS_ORIGIN_ALLOW_ALL = True
--- a/requirements.txt
+++ b/requirements.txt
@ -1,4 +1,5 @@
 Django>=2.0.5,<2.0.999
+django-cors-headers==2.3.0
 djangorestframework>=3.8.2,<3.8.999
 drf-nested-routers==0.90.2
 pytz