cros headers and csrf 403 forbidden errror solution

 

 

install core headers and add it in installed apps

SESSION_ENGINE = 'django.contrib.sessions.backends.file'

SESSION_FILE_PATH = os.path.join(BASE_DIR,'sessions')

SESSION_COOKIE_AGE = 86400      

SESSION_EXPIRE_AT_BROWSER_CLOSE = False

CORS_ORIGIN_ALLOW_ALL = True

CORS_ALLOW_HEADERS = ['*']

CSRF_COOKIE_SAMESITE = 'Lax'  # Or 'Strict', depending on your setup

CSRF_COOKIE_SECURE = False