zoukankan      html  css  js  c++  java

  • csrf

        
            8. csrf
                
                class Cors(MiddlewareMixin):
                    def process_response(self, request, response):
                        response['Access-Control-Allow-Origin'] = ','.join(settings.CORS_ORIGIN_LIST)
                        if request.method == 'OPTIONS':
                            response['Access-Control-Allow-Methods'] =  ','.join(settings.CORS_METHOD_LIST)
                            response['Access-Control-Allow-Headers'] = ','.join(settings.CORS_HEADER_LIST)
                            response['Access-Control-Allow-Credentials'] = 'true'
                            # 对应浏览器中    xhrFields: {   withCredentials: true}
                            # 需要注意的是:服务器端 Access-Control-Allow-Credentials = true时,参数Access-Control-Allow-Origin 的值不能为 '*' 。

                        return response
  • 相关阅读:
    DAY56
    DAY55
    DAY54
    DAY53
    DAY52
    DAY51
    DAY50
    spark1.1.0部署standalone分布式集群
    Storm流分组介绍
    Storm拓扑的并行度(parallelism)介绍
  • 原文地址:https://www.cnblogs.com/zjchao/p/8904044.html
Copyright © 2011-2022 走看看