add CORS headers to responses for API consumers
Add corsheaders app so that responses delivered for /api routes contain proper CORS headers required by clients running in browsers constrained by same-origin policies. Note: /media/ routes are configured in the default configuration because the development web server should immitate the behaviour of a production web server. However CORS headers will not be present on a production server if not configured separately, because the /media/ path is handled by the static file serving mechanism of common web servers.
Showing with 10 additions and 0 deletions