1

I am trying to test a call to my local Django development server. This is an AJAX call that returns a JSON object. The Django view does this:

return JsonResponse(response, safe=False)

I test this by launching the Django server (which runs the back end) and then launching my browser and opening the HTML page I have modified. These pages are not served by Django.

In Firefox, I can make the ajax call on the page. It returns the correct data, with the correct MIME type.

In Chrome, I can not. I get the following error:

Cross-Origin Read Blocking (CORB) blocked cross-origin response http://localhost:8000/dataload/alljson with MIME type application/json. See https://www.chromestatus.com/feature/5629709824032768 for more details.

I have tried to search for the solution to this problem. I've checked this question, but the suggestion to clear my cache doesn't do anything. I've also found suggestions that involve using django-cors-headers, but this is CORB (not CORS). Nonetheless, I've installed corsheaders and set CORS_ORIGIN_ALLOW_ALL = True to eliminate that as a possibility.

My MIDDLEWARE setting has this 

MIDDLEWARE = [
...
"corsheaders.middleware.CorsMiddleware",
"django.middleware.common.CommonMiddleware",
...
]

The response headers I get in Firefox are:

Content-Length      12827
Content-Type        application/json
Date        Wed, 06 Feb 2019 18:38:03 GMT
Server      WSGIServer/0.2 CPython/3.6.7
Vary        Origin
X-Frame-Options     SAMEORIGIN

I am calling http://localhost:8000/dataload/alljson. If I call http://localhost:8000/dataload/alljson/ (with the trailing slash), I get a 404.

Still no dice.

How can I get Chrome to allow the response from my development Django server for this ajax call?

Dave Cassel
  • 8,352
  • 20
  • 38
NewGuy
  • 3,273
  • 7
  • 43
  • 61
  • Is `'corsheaders'` in `INSTALLED_APPS` and `'corsheaders.middleware.CorsMiddleware'` at the top of `MIDDLEWARE`? Did you check the headers sent by the server in Firefox where the request succeeds? What headers are there? Are you sending the request to a URL that ends in a slash? A missing slash may cause this too. – Endre Both Feb 06 '19 at 18:08
  • Yes it is installed – NewGuy Feb 06 '19 at 18:09
  • First comment got truncated, sorry. Continuing: Is `'corsheaders.middleware.CorsMiddleware'` at the top of `MIDDLEWARE`? Did you check the headers sent by the server in Firefox where the request succeeds? What headers are there? Are you sending the request to a URL that ends in a slash? A missing slash may cause this too. – Endre Both Feb 06 '19 at 18:11
  • @EndreBoth I've updated my question with answers to your questions. – NewGuy Feb 06 '19 at 18:53
  • Well, there are clearly no CORS headers in the server response :(. Do you use any other custom middleware? – Endre Both Feb 06 '19 at 20:58
  • But why does Chrome even treat the request as cross-origin if it goes to the same address as the one the page was served from? – Endre Both Feb 06 '19 at 21:00
  • 1
    According to some reports, Chrome has a bug in implementing CORS on localhost: https://bugs.chromium.org/p/chromium/issues/detail?id=67743 – I've never run into it though, Chrome seems to be accessing my local server just fine. – Endre Both Feb 06 '19 at 21:09
  • I am having the same problem with the newer Chrome versions. Used to work fine before. – sureshvv Jul 14 '19 at 18:25

0 Answers0