Specify URLS for CORS in Django app on Heroku

Question

I have an app in Heroku running with Django.

Now I'm starting to develop a Phonegap app that I want to make work with my Heroku app.

I can't make it work because of CORS (Cross-origin resource sharing) protection. So I need to exclude some urls (not all app) to make my Phonegap app work.

I've tried installing django-cors-headers , but it doesn't seem to work.

To test it, I'm making a call to obtain a csrf_token.

I added this to my setting.py (and of course followed the guide, setting all to default):

CORS_URLS_REGEX = r'^register/.*$'
CORS_URLS_REGEX = r'^login/.*$'
CORS_URLS_REGEX = r'^getcsrf/.*$'

And this is the Ajax call I try to make:

get: function() {
    $.getJSON("http://domain.herokuapp.com/getcsrf/",
    {
        tags: "jquery,javascript",
        tagmode: "any",
        format: "json"
    },
    function(data) {
        $.each(data.items, function(item){
            console.log(item);
            });
    });
}

But I get this marked in red as an error and an empty response field:

GET http://domain.herokuapp.com/getcsrf/?tags=jquery%2Cjavascript&tagmode=any&format=json   200 OK    206ms

Answer 1

There's no cross origin restrictions with phonegap, it's using a webview, not a web browser.

The only thing you have to do with phonegap/cordova is to be sure your server is whitelisted in config.xml.

In cordova 3.3/3.4, the default setting is <access origin="*" /> which should allow access to any url.