Last active
December 28, 2024 16:13
-
-
Save robhudson/3848832 to your computer and use it in GitHub Desktop.
Quick way to set CORS headers on django-tastypie resources
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class CORSResource(object): | |
| """ | |
| Adds CORS headers to resources that subclass this. | |
| """ | |
| def create_response(self, *args, **kwargs): | |
| response = super(CORSResource, self).create_response(*args, **kwargs) | |
| response['Access-Control-Allow-Origin'] = '*' | |
| response['Access-Control-Allow-Headers'] = 'Content-Type' | |
| return response | |
| def method_check(self, request, allowed=None): | |
| if allowed is None: | |
| allowed = [] | |
| request_method = request.method.lower() | |
| allows = ','.join(map(str.upper, allowed)) | |
| if request_method == 'options': | |
| response = HttpResponse(allows) | |
| response['Access-Control-Allow-Origin'] = '*' | |
| response['Access-Control-Allow-Headers'] = 'Content-Type' | |
| response['Allow'] = allows | |
| raise ImmediateHttpResponse(response=response) | |
| if not request_method in allowed: | |
| response = http.HttpMethodNotAllowed(allows) | |
| response['Allow'] = allows | |
| raise ImmediateHttpResponse(response=response) | |
| return request_method |
It also needs to import http from tastypie, for HttpMethodNotAllowed.
django-cors-headers is a good alternative
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks! Only the import statements are missing
Using string's upper instead of taking it from str for it to play nice with unicode