Allow any Hosts / origin on a specific view | Django | Page 1

spark swan Dec 27, 2023, 12:37 PM

#

handle that specific host under your view?

cerulean goblet Dec 27, 2023, 12:47 PM

#

spark swan handle that specific host under your view?

??

I believe without a middleware its not possibvle?

spark swan Dec 27, 2023, 12:55 PM

#

what exactly are you trying to do?

cerulean goblet Dec 27, 2023, 12:56 PM

#

read my question sir

spark swan Dec 27, 2023, 12:56 PM

#

I did,

cerulean goblet Dec 27, 2023, 12:56 PM

#

so: basically

#

I use the global settings for allowed hosts, allowed origins,.. from my global settings.py which is default django.

But I have one view/api-path I want to allow from anywhere.

spark swan Dec 27, 2023, 1:00 PM

#

you are using CorsHeaders ?

cerulean goblet Dec 27, 2023, 1:19 PM

#

yes

spark swan Dec 27, 2023, 1:33 PM

#

inherit cors middleware, overwrite the method that checks if origin is allowed, add your condition for that particular route

#

I think that would work

cerulean goblet Dec 27, 2023, 1:39 PM

#

pls give me any reference? @spark swan

spark swan Dec 27, 2023, 2:05 PM

#

# settings.py
CORS_OPTIONAL_ORIGINS = {
  "https://foobar.com": ["path-to-view"]
}


# middleware.py
from django.conf import settings

from corsheaders.middleware import CorsMiddleware as DjangoCorsMiddleware


class CorsMiddleware(DjangoCorsMiddleware):
  def _url_in_optional_whitelist(self, origin: str) -> bool:
    return origin in settings.SCORS_OPTIONAL_ORIGINS

  def origin_found_in_white_lists(self, origin: str, url: SplitResult) -> bool: # overwrite
    if self._url_in_optional_whitelist(origin):
       # check requested path is allowed route
       return condition

    return super().origin_found_in_white_list(origin, url)

#Allow any Hosts / origin on a specific view