Search code examples
javascriptdjangoangularjsdjango-rest-frameworkdjango-cors-headers

Django Rest Framework/Angular JS Preflight options request

I've written an API using Django REST Framework. For authentication, I'm using django-oauth2-provider: https://github.com/caffeinehit/django-oauth2-provider

I have cors configured in my settings page like so (using Corsheaders middleware.) 

MIDDLEWARE_CLASSES = (
    ...
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.common.CommonMiddleware',
    ...
)

CORS_ORIGIN_ALLOW_ALL = True  # Dangerous (using for testing purposes)

My client application is built with Angular JS. However, every time we make any request (including a GET requests), an options request is sent out. This options request takes ~50 - 500 ms depending on the request.

The api calls look like "https://example.com/api/v1/posts/?page=1 (2, 3, 4...etc)"

I need to wrap my head around why this request is being made, and how to improve performance for the application.

Solution

  • Here's Two Strategies for Crossing Origins with Performance in Mind.

    They boil down to:

    1. Proper use of Access-Control-Max-Age
    2. Staying within the confines of a "simple request"