distinguish allowed_hosts and cors_origin_regex_whitelist in django?

0 votes
I don't understand the difference between allowed_host and cors_origin_regex_whitelist in django settings.
Jul 6, 2018 in DevOps Tools by DragonLord999
• 8,380 points
155 views

1 answer to this question.

0 votes

ALLOWED_HOSTS as in docs is quite self explanatory

A list of strings representing the host/domain names that this Django site can serve. This is a security measure to prevent HTTP Host header attacks, which are possible even under many seemingly-safe web server configurations

CORS_ORIGIN_REGEX_WHITELIST

This variable expects a third party package django-cors-headers. If a browser starts a request through JS to another domain, it will send an OPTIONS request to know if the server is letting the domain accept request by checking Access-Control-Allow-Origin header. There are some other headers also using this like Access-Control-Allow-Headers , etc.

answered Jul 6, 2018 by ajs3033
• 7,280 points

Related Questions In DevOps Tools

+1 vote
3 answers

How do I check and export sonarqube analysis reports in embedded db?

Browse to sonarqube web instance to access ...READ MORE

answered Jul 2, 2018 in DevOps Tools by DareDev
• 6,810 points
4,161 views
0 votes
1 answer
0 votes
3 answers
+13 votes
2 answers

Git management technique when there are multiple customers and need multiple customization?

Consider this - In 'extended' Git-Flow, (Git-Multi-Flow, ...READ MORE

answered Mar 26, 2018 in DevOps & Agile by DragonLord999
• 8,380 points
181 views
0 votes
1 answer
0 votes
1 answer

Logs in phoenix web app deployed using edeliver

The newer versions of edilever and distillery ...READ MORE

answered Jun 19, 2018 in DevOps Tools by ajs3033
• 7,280 points
47 views