前端:
headers: { token: '' }
if (document.cookie.length > 0) { var arr = document.cookie.split('; ') for (var i = 0; i < arr.length; i++) { // 再次切割 var arr2 = arr[i].split('=') // 判断查找相对应的值 if (arr2[0] === 'name') { // 保存到保存数据的地方 this.params.name = arr2[1] }else if (arr2[0] === 'token') { this.params.token = arr2[1] this.headers.token = arr2[1] } } }
<el-upload class="avatar-uploader" action="http://127.0.0.1:8000/api/image/upload/" :show-file-list="false" :data="params" :headers="headers" :on-error="uploadError" :on-success="handleAvatarSuccess" :before-upload="beforeAvatarUpload"> <img v-if="imageUrl" :src="imageUrl" class="avatar"> <i v-else class="el-icon-plus avatar-uploader-icon"></i> </el-upload>
后端:
INSTALLED_APPS = [ 'corsheaders', ]
MIDDLEWARE = [ 'corsheaders.middleware.CorsMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'corsheaders.middleware.CorsPostCsrfMiddleware', ]
CORS_ALLOW_CREDENTIALS = True CORS_ORIGIN_ALLOW_ALL = True CORS_ORIGIN_WHITELIST = ( '*' ) CSRF_TRUSTED_ORIGINS = ( '*' ) CORS_ALLOW_METHODS = ( 'DELETE', 'GET', 'OPTIONS', 'PATCH', 'POST', 'PUT', 'VIEW', ) CORS_ALLOW_HEADERS = ( 'XMLHttpRequest', 'X_FILENAME', 'accept-encoding', 'authorization', 'content-type', 'dnt', 'origin', 'user-agent', 'x-csrftoken', 'x-requested-with', 'Pragma', )
报错: