issue (bug_risk): The position of CorsMiddleware in the middleware stack may not follow recommended ordering.
According to django-cors-headers docs, CorsMiddleware should be as high in the stack as possible, typically before CommonMiddleware, so CORS headers are correctly applied to all responses. Here it appears after CommonMiddleware and a custom CSRF-disabling middleware. Please move it above these to match the documented order and avoid subtle CORS issues.
Originally posted by @sourcery-ai[bot] in #38 (comment)
issue (bug_risk): The position of
CorsMiddlewarein the middleware stack may not follow recommended ordering.According to
django-cors-headersdocs,CorsMiddlewareshould be as high in the stack as possible, typically beforeCommonMiddleware, so CORS headers are correctly applied to all responses. Here it appears afterCommonMiddlewareand a custom CSRF-disabling middleware. Please move it above these to match the documented order and avoid subtle CORS issues.Originally posted by @sourcery-ai[bot] in #38 (comment)