# Django CORS Headers

***

**1.** Allow all origins and methods

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_METHODS = [
    'DELETE',
    'GET',
    'OPTIONS',
    'PATCH',
    'POST',
    'PUT',
]
```

**2.** Allow specific origins

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
    "https://foo.example.com",
    "https://bar.example.com",
]
```

**3.** Allow specific origins with GET and POST methods

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_ALLOW_METHODS = ['GET', 'POST']
```

**4.** Allow all origins with GET and POST methods

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_METHODS = ['GET', 'POST']
```

**5.** Allow all origins and specific methods

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_METHODS = ['PUT', 'DELETE']
```

**6.** Allow all origins, specific methods, and specific headers

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_METHODS = ['GET', 'POST']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
```

**7.** Allow specific origins, specific methods, and specific headers

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_ALLOW_METHODS = ['PUT', 'DELETE']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
```

**8.** Allow all origins and expose specific headers

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
```

**9.** Allow specific origins and expose specific headers

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
```

**10.** Allow all origins with credentials and specific methods

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_METHODS = ['GET', 'POST']
```

**11.** Allow specific origins with credentials and specific methods

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_METHODS = ['PUT', 'DELETE']
```

**12.** Allow all origins with credentials, specific methods, and specific headers

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_METHODS = ['GET', 'POST']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
```

**13.** Allow specific origins with credentials, specific methods, and specific headers

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_METHODS = ['PUT', 'DELETE']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
```

**14.** Allow all origins with credentials, expose specific headers, and max age

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = True
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_MAX_AGE = 3600  # in seconds
```

**15.** Allow specific origins with credentials, expose specific headers, and max age

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_ALLOW_CREDENTIALS = True
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_MAX_AGE = 3600  # in seconds
```

**16.** Allow all origins with preflight requests and specific headers

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
```

**17.** Allow specific origins with preflight requests and specific headers

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
```

**18.** Allow all origins with preflight requests and expose specific headers

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
```

**19.** Allow specific origins with preflight requests and expose specific headers

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
```

**20.** Allow all origins with preflight requests, expose specific headers, and max age

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_MAX_AGE = 3600  # in seconds
```

**21.** Allow specific origins with preflight requests, expose specific headers, and max age

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_MAX_AGE = 3600  # in seconds
```

**22.** Allow all origins with credentials, specific methods, and preflight requests

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_METHODS = ['GET', 'POST']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
```

**23.** Allow specific origins with credentials, specific methods, and preflight requests

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_METHODS = ['PUT', 'DELETE']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
```

**24.** Allow all origins with credentials, expose specific headers, and preflight requests

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = True
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
```

**25.** Allow specific origins with credentials, expose specific headers, and preflight requests

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_ALLOW_CREDENTIALS = True
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
```

**26.** Allow all origins with credentials, expose specific headers, preflight requests, and max age

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = True
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
CORS_MAX_AGE = 3600  # in seconds
```

**27.** Allow specific origins with credentials, expose specific headers, preflight requests, and max age

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_ALLOW_CREDENTIALS = True
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
CORS_MAX_AGE = 3600  # in seconds
```

**28.** Allow all origins with credentials, specific methods, preflight requests, and expose specific headers

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_METHODS = ['GET', 'POST']
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
```

**29.** Allow specific origins with credentials, specific methods, preflight requests, and expose specific headers

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_METHODS = ['PUT', 'DELETE']
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
```

**30.** Allow all origins with credentials, preflight requests, expose specific headers, and max age

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = True
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
CORS_MAX_AGE = 3600  # in seconds
```

**31.** Allow specific origins with credentials, preflight requests, expose specific headers, and max age

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_ALLOW_CREDENTIALS = True
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
CORS_MAX_AGE = 3600  # in seconds
```

**32.** Allow all origins with credentials, specific methods, preflight requests, expose specific headers, and max age

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_METHODS = ['GET', 'POST']
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
CORS_MAX_AGE = 3600  # in seconds
```

**33.** Allow specific origins with credentials, specific methods, preflight requests, expose specific headers, and max age

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_METHODS = ['PUT', 'DELETE']
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
CORS_MAX_AGE = 3600  # in seconds
```

**34.** Allow all origins with preflight requests, expose specific headers, and max age

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
CORS_MAX_AGE = 3600  # in seconds
```

**35.** Allow specific origins with preflight requests, expose specific headers, and max age

```python
CORS_ALLOWED_ORIGINS = [
    "https://example.com",
]
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
CORS_MAX_AGE = 3600  # in seconds
```

**36.** Allow all origins with preflight requests, expose specific headers, and max age

```python
CORS_ORIGIN_ALLOW_ALL = True
CORS_EXPOSE_HEADERS = ['Content-Range', 'X-Pagination']
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization']
CORS_MAX_AGE = 3600  # in seconds
```