1

cors-headers to enable the cors on my django server. my setting.py is like this.

CORS_ORIGIN_ALLOW_ALL= True
CORS_ALLOW_CREDENTIALS = True

also i have added corsheaders to the INSTALLED_APPS and my MIDDLEWARE is like this 

MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'corsheaders.middleware.CorsMiddleware',

]. i have set a very simple view that looks like this.

    def get(self, request):

    response = HttpResponse("hi")
    response['Set-Cookie'] = ('food=bread; Path=/; max_age=10000')
    print(response._headers)
    return response

on the console the headers is like this.

{'set-cookie': ('Set-Cookie', 'food=bread; drink=water; Path=/; max_age=10000'), 'content-type': ('Content-Type', 'text/html; charset=utf-8')}

when i call my api in browser cookie is set and everything is ok but when i use axios for ajax in the body of response there is nothing that is similar to my cookie. my javasctipt code i like this.

 axios.get('http://37.130.202.188:13434/users/test/',
  {withCredentials: true,

 })
  .then(function (response) {
    console.log(response);
  });

and i run my server with this command 

python manage.py runserver

every response to this headache would be very appreciated.

Milad Khodabandehloo
  • 1,907
  • 1
  • 14
  • 24

1 Answers1

1

I find the answer. Exactly like this question, the cookies that are set in the headers of a http response are not accessible in Javascript and they get saved in the browser automatically.

Milad Khodabandehloo
  • 1,907
  • 1
  • 14
  • 24