Omonbude Emmanuel
Software Engineer
  • Residence:
    Nigeria
  • Phone:
    +2349032841265
  • Email:
    budescode@gmail.com
HTML/CSS/JAVASCRIPT
PYTHON
DJANGO/DJANGO REST FRAMEWORK
NODE JS
DOCKER, AWS, KUBERNATES
FIREBASE, PostgreSQL, MySQL,Mongo DB
FLUTTER
DART
ANGULAR
TYPESCRIPT

Handling Cors in django application

Omonbude Emmanuel | June 21, 2023, 3:43 p.m.

105

Introduction

CORS is a security mechanism implemented by web browsers to restrict web pages from making requests to a different domain than the one that served the page. This prevents malicious scripts from stealing data or performing unauthorized actions on other websites. Django provides built-in functionalities and popular third-party libraries to handle CORS configurations effectively.

Prerequisites

Before we delve into the steps, ensure you have the following:

  • Django Project: A Django project set up and ready for development.

Step1: Installation 

We would be using the django-cors-headers library. To install it, run the command below

pip install django-cors-headers

 Step 2: Configuration
add "corsheaders" to your installed apps in your settings.py

INSTALLED_APPS = [
#other apps
"corsheaders"
]

 

Add "corsheaders.middleware.CorsMiddleware" to the top of your MIDDLEWARE list
 

MIDDLEWARE = [

"corsheaders.middleware.CorsMiddleware",
"django.middleware.common.CommonMiddleware",

#other middlewares

]

Finally, whitelist the domains in your settings.py

CORS_ALLOWED_ORIGINS = [
    "https://example.com",
    "https://sub.example.com",
    "http://localhost:8080",
    "http://127.0.0.1:9000",
]

If you want to allow all reqquests, you can use

CORS_ORIGIN_ALLOW_ALL = True 

 

Conclusion

By effectively handling CORS in your Django application, you can securely share resources with other domains while maintaining security.

References

https://pypi.org/project/django-cors-headers/

© 2024 Omonbude Emmanuel

Omonbude Emmanuel