Menu
What is the difference between this two django settings :
ALLOWED_HOSTS
CORS_ORIGIN_REGEX_WHITELIST
811
asked Dec 21 '25 07:12
ALLOWED_HOSTS
A list of strings representing the host/domain names that this Django site can serve. This is a security measure to prevent HTTP Host header attacks, which are possible even under many seemingly-safe web server configurations
CORS_ORIGIN_REGEX_WHITELIST
This is actually a variable expecting a third party package django-cors-headers.So the thing is when a browser starts a request through javascript to another domain (cross domain), browser will send a OPTIONS request first to get to know whether server is allowing the domain to accept request by checking Access-Control-Allow-Origin header.
Note
There are some other headers also using this like Access-Control-Allow-Headers , etc.
77
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
