Sèkun blog

Allowing unlimited access with CORS – Musing Mortoray

24/05/2020, 16:26:00

Ajouter des entêtes CORS à toutes les requêstes avec Flask. Fonctionne pour moi contrairement à flask_cors.

@app.after_request
def add_cors(resp):
""" Ensure all responses have the CORS headers. This ensures any failures are also accessible
by the client. """

resp.headers['Access-Control-Allow-Origin'] = flask.request.headers.get('Origin','*')
resp.headers['Access-Control-Allow-Credentials'] = 'true'
resp.headers['Access-Control-Allow-Methods'] = 'POST, OPTIONS, GET'
resp.headers['Access-Control-Allow-Headers'] = flask.request.headers.get(
'Access-Control-Request-Headers', 'Authorization' )
# set low for debugging
if app.debug:
resp.headers['Access-Control-Max-Age'] = '1'
return resp