某些静态文件无法加载,因为它被CORS策略阻止(Django)即使它是根据Django文档配置的
Some static files can't be loaded because it is blocked by CORS policy (Django) even it is configured based on Django documentation
我遇到了 CORS 政策的问题,看不出哪里出了问题。
我使用 Django 框架,我的静态文件托管在 Azure Blob 中
所以我收到这些文件的错误,它说 tuat Access-Control-Allow-Origin 不存在:
加载同一主机的其他文件有什么奇怪的..
CORS 设置如下所示:
ALLOWED_HOSTS = ['https://support.mdesk.lt', 'https://suppaccountstorage.blob.core.windows.net']
CORS_ORIGIN_ALLOW_ALL = False
CORS_ORIGIN_WHITELIST = (
'https://support.mdesk.lt',
'https://suppaccountstorage.blob.core.windows.net',
)
CSRF_TRUSTED_ORIGINS = ['https://support.mdesk.lt']
INSTALLED_APPS = [
'corsheaders',
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.sites',
'django.contrib.humanize',
'bootstrap4form',
'supportSystem',
'storages'
]
SITE_ID = 1
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
我哪里做错了?
Loading fonts from a different origin is affected by the CORS settings (your CSS files seem to be fine). Since your assets are not served by the Django application but by the Azure storage you need to adjust the CORS settings there (they will not be processed by the Django middleware you are using). You can change the settings .
我遇到了 CORS 政策的问题,看不出哪里出了问题。
我使用 Django 框架,我的静态文件托管在 Azure Blob 中
所以我收到这些文件的错误,它说 tuat Access-Control-Allow-Origin 不存在:
加载同一主机的其他文件有什么奇怪的..
CORS 设置如下所示:
ALLOWED_HOSTS = ['https://support.mdesk.lt', 'https://suppaccountstorage.blob.core.windows.net']
CORS_ORIGIN_ALLOW_ALL = False
CORS_ORIGIN_WHITELIST = (
'https://support.mdesk.lt',
'https://suppaccountstorage.blob.core.windows.net',
)
CSRF_TRUSTED_ORIGINS = ['https://support.mdesk.lt']
INSTALLED_APPS = [
'corsheaders',
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.sites',
'django.contrib.humanize',
'bootstrap4form',
'supportSystem',
'storages'
]
SITE_ID = 1
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
我哪里做错了?
Loading fonts from a different origin is affected by the CORS settings (your CSS files seem to be fine). Since your assets are not served by the Django application but by the Azure storage you need to adjust the CORS settings there (they will not be processed by the Django middleware you are using). You can change the settings