I am getting the following error message when I try to access my endpoints.
Request header field X-FirePHP-Version is not allowed by Access-Control-Allow-Headers in preflight response.
This is how my settings.py file looks
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'api.apps.ApiConfig',
'django_server',
'corsheaders', # For Cross-Origin Resource Sharing
]
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = False
If you have additional headers that are going to be in your requests to a CORS enabled server, you should specify those in the CORS_ALLOW_HEADERS django-cors setting. This should solve it, but I would double check to make sure those headers are supposed to be there.
# In your project's settings.py
CORS_ALLOW_HEADERS = (
'x-requested-with',
'content-type',
'accept',
'origin',
'authorization',
'x-csrftoken',
'x-firephp-version', # Added to default list
)
# more settings...
Under the hood this simply sets the Access-Control-Request-Headers header on your server's responses.