No 'Access-Control-Allow-Origin' header is present on the requested resource error in fetch API django












1















I'm trying to fetch some data from an API. It works and my data is sent to the server but I am getting the following error message that not allow me to continue:



Access to fetch at 'http://192.168.80.11:8000/upload/5bc4206e3ff2286d24c58899/' from origin 'http://localhost:8000' has been blocked by CORS policy:




No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.




I know that this is because I am trying to fetch that data from within my localhost and the solution should be using CORS.
But how can I set Access-Control-Allow-Origin in the response header?
I use Django.
And this is setting file on server:



INSTALLED_APPS = (
...
'corsheaders',
...
)

MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',

]
CORS_ORIGINE_ALLOW_ALL= True
CORS_ALLOW_CREDENTIALS = True
#CORS_ORIGINE_ALLOW_ALL= False
CORS_ORIGINE_WHITELIST=(
'http//:192.168.20.29:8000',
'http//:192.168.20.30:8000',
'http//:127.0.0.1:8000',
)









share|improve this question





























    1















    I'm trying to fetch some data from an API. It works and my data is sent to the server but I am getting the following error message that not allow me to continue:



    Access to fetch at 'http://192.168.80.11:8000/upload/5bc4206e3ff2286d24c58899/' from origin 'http://localhost:8000' has been blocked by CORS policy:




    No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.




    I know that this is because I am trying to fetch that data from within my localhost and the solution should be using CORS.
    But how can I set Access-Control-Allow-Origin in the response header?
    I use Django.
    And this is setting file on server:



    INSTALLED_APPS = (
    ...
    'corsheaders',
    ...
    )

    MIDDLEWARE = [
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',

    ]
    CORS_ORIGINE_ALLOW_ALL= True
    CORS_ALLOW_CREDENTIALS = True
    #CORS_ORIGINE_ALLOW_ALL= False
    CORS_ORIGINE_WHITELIST=(
    'http//:192.168.20.29:8000',
    'http//:192.168.20.30:8000',
    'http//:127.0.0.1:8000',
    )









    share|improve this question



























      1












      1








      1








      I'm trying to fetch some data from an API. It works and my data is sent to the server but I am getting the following error message that not allow me to continue:



      Access to fetch at 'http://192.168.80.11:8000/upload/5bc4206e3ff2286d24c58899/' from origin 'http://localhost:8000' has been blocked by CORS policy:




      No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.




      I know that this is because I am trying to fetch that data from within my localhost and the solution should be using CORS.
      But how can I set Access-Control-Allow-Origin in the response header?
      I use Django.
      And this is setting file on server:



      INSTALLED_APPS = (
      ...
      'corsheaders',
      ...
      )

      MIDDLEWARE = [
      'corsheaders.middleware.CorsMiddleware',
      'django.middleware.csrf.CsrfViewMiddleware',
      'django.middleware.security.SecurityMiddleware',
      'django.contrib.sessions.middleware.SessionMiddleware',
      'django.middleware.common.CommonMiddleware',
      'django.contrib.auth.middleware.AuthenticationMiddleware',
      'django.contrib.messages.middleware.MessageMiddleware',
      'django.middleware.clickjacking.XFrameOptionsMiddleware',

      ]
      CORS_ORIGINE_ALLOW_ALL= True
      CORS_ALLOW_CREDENTIALS = True
      #CORS_ORIGINE_ALLOW_ALL= False
      CORS_ORIGINE_WHITELIST=(
      'http//:192.168.20.29:8000',
      'http//:192.168.20.30:8000',
      'http//:127.0.0.1:8000',
      )









      share|improve this question
















      I'm trying to fetch some data from an API. It works and my data is sent to the server but I am getting the following error message that not allow me to continue:



      Access to fetch at 'http://192.168.80.11:8000/upload/5bc4206e3ff2286d24c58899/' from origin 'http://localhost:8000' has been blocked by CORS policy:




      No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.




      I know that this is because I am trying to fetch that data from within my localhost and the solution should be using CORS.
      But how can I set Access-Control-Allow-Origin in the response header?
      I use Django.
      And this is setting file on server:



      INSTALLED_APPS = (
      ...
      'corsheaders',
      ...
      )

      MIDDLEWARE = [
      'corsheaders.middleware.CorsMiddleware',
      'django.middleware.csrf.CsrfViewMiddleware',
      'django.middleware.security.SecurityMiddleware',
      'django.contrib.sessions.middleware.SessionMiddleware',
      'django.middleware.common.CommonMiddleware',
      'django.contrib.auth.middleware.AuthenticationMiddleware',
      'django.contrib.messages.middleware.MessageMiddleware',
      'django.middleware.clickjacking.XFrameOptionsMiddleware',

      ]
      CORS_ORIGINE_ALLOW_ALL= True
      CORS_ALLOW_CREDENTIALS = True
      #CORS_ORIGINE_ALLOW_ALL= False
      CORS_ORIGINE_WHITELIST=(
      'http//:192.168.20.29:8000',
      'http//:192.168.20.30:8000',
      'http//:127.0.0.1:8000',
      )






      django cors






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 20 '18 at 17:11







      MahZ

















      asked Nov 20 '18 at 16:42









      MahZMahZ

      115




      115
























          1 Answer
          1






          active

          oldest

          votes


















          0














          Did you add this to your installed apps?



          INSTALLED_APPS = (
          ...
          'corsheaders',
          ...
          )


          UPDATE



          CORS_ORIGIN_ALLOW_ALL not CORS_ORIGINE_ALLOW_ALL



          CORS_ORIGIN_WHITELIST not CORS_ORIGINE_WHITELIST






          share|improve this answer


























          • Yes. I added 'corsheaders', too (edited my question) . To resolve this error, the server side must make changes or client side?

            – MahZ
            Nov 20 '18 at 17:07













          • @MahZ check my edit.

            – Stephen
            Nov 20 '18 at 18:35











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53397630%2fno-access-control-allow-origin-header-is-present-on-the-requested-resource-err%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          0














          Did you add this to your installed apps?



          INSTALLED_APPS = (
          ...
          'corsheaders',
          ...
          )


          UPDATE



          CORS_ORIGIN_ALLOW_ALL not CORS_ORIGINE_ALLOW_ALL



          CORS_ORIGIN_WHITELIST not CORS_ORIGINE_WHITELIST






          share|improve this answer


























          • Yes. I added 'corsheaders', too (edited my question) . To resolve this error, the server side must make changes or client side?

            – MahZ
            Nov 20 '18 at 17:07













          • @MahZ check my edit.

            – Stephen
            Nov 20 '18 at 18:35
















          0














          Did you add this to your installed apps?



          INSTALLED_APPS = (
          ...
          'corsheaders',
          ...
          )


          UPDATE



          CORS_ORIGIN_ALLOW_ALL not CORS_ORIGINE_ALLOW_ALL



          CORS_ORIGIN_WHITELIST not CORS_ORIGINE_WHITELIST






          share|improve this answer


























          • Yes. I added 'corsheaders', too (edited my question) . To resolve this error, the server side must make changes or client side?

            – MahZ
            Nov 20 '18 at 17:07













          • @MahZ check my edit.

            – Stephen
            Nov 20 '18 at 18:35














          0












          0








          0







          Did you add this to your installed apps?



          INSTALLED_APPS = (
          ...
          'corsheaders',
          ...
          )


          UPDATE



          CORS_ORIGIN_ALLOW_ALL not CORS_ORIGINE_ALLOW_ALL



          CORS_ORIGIN_WHITELIST not CORS_ORIGINE_WHITELIST






          share|improve this answer















          Did you add this to your installed apps?



          INSTALLED_APPS = (
          ...
          'corsheaders',
          ...
          )


          UPDATE



          CORS_ORIGIN_ALLOW_ALL not CORS_ORIGINE_ALLOW_ALL



          CORS_ORIGIN_WHITELIST not CORS_ORIGINE_WHITELIST







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Nov 20 '18 at 18:34

























          answered Nov 20 '18 at 16:51









          StephenStephen

          5701124




          5701124













          • Yes. I added 'corsheaders', too (edited my question) . To resolve this error, the server side must make changes or client side?

            – MahZ
            Nov 20 '18 at 17:07













          • @MahZ check my edit.

            – Stephen
            Nov 20 '18 at 18:35



















          • Yes. I added 'corsheaders', too (edited my question) . To resolve this error, the server side must make changes or client side?

            – MahZ
            Nov 20 '18 at 17:07













          • @MahZ check my edit.

            – Stephen
            Nov 20 '18 at 18:35

















          Yes. I added 'corsheaders', too (edited my question) . To resolve this error, the server side must make changes or client side?

          – MahZ
          Nov 20 '18 at 17:07







          Yes. I added 'corsheaders', too (edited my question) . To resolve this error, the server side must make changes or client side?

          – MahZ
          Nov 20 '18 at 17:07















          @MahZ check my edit.

          – Stephen
          Nov 20 '18 at 18:35





          @MahZ check my edit.

          – Stephen
          Nov 20 '18 at 18:35




















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53397630%2fno-access-control-allow-origin-header-is-present-on-the-requested-resource-err%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Guess what letter conforming each word

          Port of Spain

          Run scheduled task as local user group (not BUILTIN)