Disable CORS altogether.

This solves #4 better than dfc7c8b163

etesync_server/settings.py

@@ -40,6 +40,7 @@ INSTALLED_APPS = [
     'django.contrib.sessions',
     'django.contrib.messages',
     'django.contrib.staticfiles',
+    'corsheaders',
     'rest_framework',
     'rest_framework.authtoken',
     'journal.apps.JournalConfig',
@@ -48,6 +49,7 @@ INSTALLED_APPS = [
 MIDDLEWARE = [
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
+    'corsheaders.middleware.CorsMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
@@ -130,3 +132,6 @@ STATIC_URL = '/static/'
 JOURNAL_API_PERMISSIONS = (
         'rest_framework.permissions.IsAuthenticated',
         )
+
+# Cors
+CORS_ORIGIN_ALLOW_ALL = True

requirements.txt

@@ -1,4 +1,5 @@
 Django>=2.0.5,<2.0.999
+django-cors-headers==2.3.0
 djangorestframework>=3.8.2,<3.8.999
 drf-nested-routers==0.90.2
 pytz