用django写的api,供第三方调用,但是出现个问题

一,问题

1.用form表单提交ok

2.用ajax方式显示失败,如下提示

==================================================================

XMLHttpRequest cannot load http://www.itnihao.com/api,Origin null is not allowed by Access-Control-Allow-Origin.

==================================================================

 以上提示信息是跨域访问验证失败,因为django不允许这种跨域访问

二,解决办法


进入项目目录,新建文件


#mkidr middleware

#touch middleware/__init.py__

#vim middleware/crossdomainxhr.py

from django import http
                                                                                                                                                                
try:
    from django.conf import settings
    XS_SHARING_ALLOWED_ORIGINS = settings.XS_SHARING_ALLOWED_ORIGINS
    XS_SHARING_ALLOWED_METHODS = settings.XS_SHARING_ALLOWED_METHODS
    XS_SHARING_ALLOWED_HEADERS = settings.XS_SHARING_ALLOWED_HEADERS
    XS_SHARING_ALLOWED_CREDENTIALS = settings.XS_SHARING_ALLOWED_CREDENTIALS
except AttributeError:
    XS_SHARING_ALLOWED_ORIGINS = '*'
    #XS_SHARING_ALLOWED_METHODS = ['POST', 'GET', 'OPTIONS', 'PUT', 'DELETE']
    XS_SHARING_ALLOWED_METHODS = ['POST', 'GET']
    XS_SHARING_ALLOWED_HEADERS = ['Content-Type', '*']
    XS_SHARING_ALLOWED_CREDENTIALS = 'true'
                                                                                                                                                                
                                                                                                                                                                
class XsSharing(object):
    """
    This middleware allows cross-domain XHR using the html5 postMessage API.
                                                                                                                                                                    
    Access-Control-Allow-Origin: http://foo.example
    Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
                                                                                                                                                                
    Based off https://gist.github.com/426829
    """
    def process_request(self, request):
        if 'HTTP_ACCESS_CONTROL_REQUEST_METHOD' in request.META:
            response = http.HttpResponse()
            response['Access-Control-Allow-Origin']  = XS_SHARING_ALLOWED_ORIGINS
            response['Access-Control-Allow-Methods'] = ",".join( XS_SHARING_ALLOWED_METHODS )
            response['Access-Control-Allow-Headers'] = ",".join( XS_SHARING_ALLOWED_HEADERS )
            response['Access-Control-Allow-Credentials'] = XS_SHARING_ALLOWED_CREDENTIALS
            return response
                                                                                                                                                                
        return None
                                                                                                                                                                
    def process_response(self, request, response):
        response['Access-Control-Allow-Origin']  = XS_SHARING_ALLOWED_ORIGINS
        response['Access-Control-Allow-Methods'] = ",".join( XS_SHARING_ALLOWED_METHODS )
        response['Access-Control-Allow-Headers'] = ",".join( XS_SHARING_ALLOWED_HEADERS )
        response['Access-Control-Allow-Credentials'] = XS_SHARING_ALLOWED_CREDENTIALS
                                                                                                                                                                
        return response


在settings.py添加(MIDDLEWARE_CLASSES这里添加)

'middleware.crossdomainxhr.XsSharing',

181409815.png

参考资料

https://gist.github.com/strogonoff/1369619


安装gevent

yum  install  gcc  libevent  libevent-devel

easy_install greenlet

easy_install pip

pip install gevent

pip freeze | grep gevent