odoo 接口跨域请求报错
原创
©著作权归作者所有:来自51CTO博客作者那时一个人的原创作品,请联系作者获取转载授权,否则将追究法律责任
浏览器显示的信息如下:
from origin 'http://www.docway.net' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
参考了该博主的文章:https://www.jinxiaoliang.cn/V/213.html
对odoo 的代码修改如下:
# 第一处
@http.route(
"/api/auth/token", methods=["GET","OPTIONS"], type="http", auth="none", csrf=False,cors='http://www.docway.net',
save_session=False
)
#第二处:
if request.endpoint and 'cors' in request.endpoint.routing:
self.headers.set('Access-Control-Allow-Origin', request.endpoint.routing['cors'])
self.headers.set('Access-Control-Allow-Credentials', 'true') # 改
methods = 'GET, POST'
if request.endpoint.routing['type'] == 'json':
methods = 'POST'
elif request.endpoint.routing.get('methods'):
methods = ', '.join(request.endpoint.routing['methods'])
self.headers.set('Access-Control-Allow-Methods', methods)
# 第三处:
if request.httprequest.method == 'OPTIONS' and request.endpoint and request.endpoint.routing.get('cors'):
headers = {
'Access-Control-Max-Age': 60 * 60 * 24,
'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept, X-Debug-Mode'
,'Access-Control-Allow-Credentials':'true' # 改
}
return Response(status=200, headers=headers)
懂得,原来世界如此简单!