The CORS header configuration is absent, which prevents files from being accessed using CORS. A simple fix for this is to add the following to the api_site settings.py file:

    CORS_ALLOW_HEADERS = [
        'accept',
        'accept-encoding',
        'authorization',
        'content-type',
        'content-disposition',  # added so file access works with CORS
        'dnt',
        'origin',
        'user-agent',
        'x-csrftoken',
        'x-requested-with',
    ]

The headers specified are all of the defaults found here, and the addition of the "content-disposition" header item is what makes file access work with CORS.
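
The following added example (not code from api_site or from the CORS library) models the browser's preflight header check to show why the default list blocks a file request that carries Content-Disposition and why the extended list lets it through. The function names and the sample upload headers are constructed for illustration, and the sketch assumes the server echoes the configured list in Access-Control-Allow-Headers.

```python
# Added example: a model of the CORS preflight header check.
# DEFAULT_HEADERS is the list from the settings above without
# 'content-disposition'; PATCHED_HEADERS is the list with it.
# The "*" wildcard is deliberately not modelled here.

DEFAULT_HEADERS = [
    'accept', 'accept-encoding', 'authorization', 'content-type', 'dnt',
    'origin', 'user-agent', 'x-csrftoken', 'x-requested-with',
]
PATCHED_HEADERS = DEFAULT_HEADERS + ['content-disposition']

# Constructed sample: headers a browser would announce in
# Access-Control-Request-Headers for an authenticated file upload.
UPLOAD_REQUEST_HEADERS = ['Authorization', 'Content-Disposition', 'Content-Type']


def allow_headers_value(allowed):
    """Build the Access-Control-Allow-Headers value (assumed: a comma-joined list)."""
    return ', '.join(allowed)


def blocked_headers(request_headers, allow_headers_response):
    """Return the announced headers that the preflight response does not cover.

    Header names are compared case-insensitively. A non-empty result means
    the browser fails the preflight and never sends the actual request.
    """
    allowed = {
        name.strip().lower()
        for name in allow_headers_response.split(',')
        if name.strip()
    }
    return sorted(h.lower() for h in request_headers if h.lower() not in allowed)


if __name__ == '__main__':
    for label, config in (('default', DEFAULT_HEADERS), ('patched', PATCHED_HEADERS)):
        missing = blocked_headers(UPLOAD_REQUEST_HEADERS, allow_headers_value(config))
        print(label, 'preflight:', 'blocked by ' + ', '.join(missing) if missing else 'ok')
```

Listing header names explicitly, as the settings change does, keeps the allow list limited to what the API needs.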