HTTP header CORS policy - 'Access-Control-Allow-Origin'

• sof
• S3 CORS Policy를 일단 다 때려넣어봤다

[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "HEAD",
            "PUT",
            "GET",
            "POST",
            "DELETE"
        ],
        "AllowedOrigins": [
            "*"
        ],
        "ExposeHeaders": [
            "x-amz-request-id",
            "x-amz-server-side-encryption",
            "x-amz-version-id",
            "Content-Length",
            "Content-Type",
            "Connection",
            "Date",
            "ETag",
            "x-amz-delete-marker"
        ]
    }
]

그리고 미들웨어를 하나 만들었다. django-cors-headers는 쓰레기다 다음 미들웨어는 모든 response 헤더에 Acess-Control-Allow-Headers를 추가한다.

from django import http

class CorsMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        response = self.get_response(request)
        if (request.method == "OPTIONS"  and "HTTP_ACCESS_CONTROL_REQUEST_METHOD" in request.META):
            response = http.HttpResponse()
            response["Content-Length"] = "0"
            response["Access-Control-Max-Age"] = 86400
        response["Access-Control-Allow-Origin"] = "*"
        response["Access-Control-Allow-Methods"] = "DELETE, GET, OPTIONS, PATCH, POST, PUT"
        response["Access-Control-Allow-Headers"] = "accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with"
        return response