Django ALLOWED_HOSTS vs CORS(django-cors-headers)
[英]Django ALLOWED_HOSTS vs CORS(django-cors-headers)
问题描述
What is the difference between ALLOWED_HOSTS and CORS. 
ALLOWED_HOSTS和CORS有什么区别。 If I have defined ALLOWED_HOSTS do I need to define also CORS? 如果我已经定义了ALLOWED_HOSTS,我还需要定义CORS吗? I am not using django templates. 我没有使用django模板。 Also do I have the possibility to define those two dynamically?(I think not) 我也有可能动态定义这两个吗?(我认为不是)
I am using django as backend, and multiple reactjs frontend apps on different hosts. 我使用django作为后端,并且多个reactjs在不同的主机上使用应用程序。
1 个解决方案
解决方案1
6 已采纳 2017-11-10 19:12:40
Doc on ALLOWED_HOSTS . 关于ALLOWED_HOSTS的文件。 In short, in production environment where you have DEBUG=FALSE , your Django application will not serve in a domain or subdomain that is not specified in ALLOWED_HOSTS. 简而言之,在您有DEBUG=FALSE生产环境中,您的Django应用程序将不会在ALLOWED_HOSTS中未指定的域或子域中提供服务。 It's a whitelist of trusted domains you can serve your app on. 它是您可以为您的应用提供服务的受信任域名的白名单。
CORS on the other hand, I'm assuming you are asking because you are also doing Django Rest Framework, stands for Cross-Origin Resource Sharing, basically allows your frontend apps, like the one you mentioned multiple reactjs apps, to interact with your APIs without having to deploy all of them on a same domain. CORS另一方面,我假设你问,因为你也在做Django Rest Framework,代表跨源资源共享,基本上允许你的前端应用程序,比如你提到的多个reactjs应用程序,与你的API交互无需在同一个域上部署所有这些。 django-cors-header is the recommended package for configuring CORS. django-cors-header是用于配置CORS的推荐包。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.