Commit 73595284 authored by Konrad Mohrfeldt's avatar Konrad Mohrfeldt

add CORS headers to responses for API consumers

Add corsheaders app so that responses delivered for /api routes contain
proper CORS headers required by clients running in browsers constrained
by same-origin policies.

Note: /media/ routes are configured in the default configuration because
the development web server should immitate the behaviour of a production
web server. However CORS headers will not be present on a production
server if not configured separately, because the /media/ path is
handled by the static file serving mechanism of common web servers.
parent ce1d5c1c
......@@ -22,6 +22,7 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
......@@ -53,6 +54,7 @@ except ImportError:
......@@ -161,6 +163,13 @@ LOHROTHEK_RECORDING_API_URL = 'http://localhost:8001/snippets/'
LOHROTHEK_FFMPEG = '/usr/bin/ffmpeg'
# Add CORS headers for all routes starting with either /api/ or /media/.
# Note that the /media/ path is only handled in dev-mode as static resources are delivered
# by a proper web server in production and must be configured separately.
CORS_URLS_REGEX = r'^/(api|media)/.*$'
from lohrothek.local_settings import * # noqa: 401
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment