Skip to main content

A Flask extension adding a decorator for CORS support

Project description

Build Status Latest Version Downloads Supported Python versions License

A Flask extension for handling Cross Origin Resource Sharing (CORS), making cross-origin AJAX possible.

Installation

Install the extension with using pip, or easy_install.

$ pip install -U flask-cors

Usage

This extension enables CORS support either via a decorator, or a Flask extension. There are three examples shown in the examples directory, showing the major use cases. The suggested configuration is the simple_example.py, or the app_example.py. A full list of options can be found in the documentation.

This package has a simple philosophy, when you want to enable CORS, you wish to enable it for all use cases on a domain. This means no mucking around with different allowed headers, methods, etc. By default, submission of cookies across domains is disabled due to the security implications, please see the documentation for how to enable credential’ed requests, and please make sure you add some sort of CRSF protection before doing so!

Simple Usage

In the simplest case, initialize the Flask-Cors extension with default arguments in order to allow CORS for all domains on all routes.

app = Flask(__name__)
cors = CORS(app)

@app.route("/")
def helloWorld():
  return "Hello, cross-origin-world!"

Resource specific CORS

Alternatively, you can specify CORS options on a resource and origin level of granularity by passing a dictionary as the ‘resources’ option, mapping paths to a set of options.

app = Flask(__name__)
cors = CORS(app, resources={r"/api/*": {"origins": "*"}})

@app.route("/api/v1/users")
def list_users():
  return "user example"

Route specific CORS via decorator

This extension also exposes a simple decorator to decorate flask routes with. Simply add @cross_origin() below a call to Flask’s @app.route(..) to allow CORS on a given route.

@app.route("/")
@cross_origin()
def helloWorld():
  return "Hello, cross-origin-world!"

Logging

Flask-Cors uses standard Python logging, using the logger name ‘app.logger_name.cors’. The app’s logger name attribute is usually the same as the name of the app. You can read more about logging from Flask’s documentation.

import logging
# make your awesome app
logging.basicConfig(level=logging.INFO)

Documentation

For a full list of options, please see the full documentation

Tests

A simple set of tests is included in test/. To run, install nose, and simply invoke nosetests or python setup.py test to exercise the tests.

Contributing

Questions, comments or improvements? Please create an issue on Github, tweet at @corydolphin or send me an email. I do my best to include every contribution proposed in any way that I can.

Credits

This Flask extension is based upon the Decorator for the HTTP Access Control written by Armin Ronacher.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Flask-Cors-2.0.1.tar.gz (27.7 kB view details)

Uploaded Source

File details

Details for the file Flask-Cors-2.0.1.tar.gz.

File metadata

  • Download URL: Flask-Cors-2.0.1.tar.gz
  • Upload date:
  • Size: 27.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for Flask-Cors-2.0.1.tar.gz
Algorithm Hash digest
SHA256 b0f4232d3d648e5cf4b7f24d80a01b996d78f2f02df0aa9a49ed195c4a037741
MD5 ca5b9c19878d600f18286fc0f60a4469
BLAKE2b-256 2081e206a2fcd3c61fdcfbf27f4aee6c484adb755f94b84b48a6c062ae2f75e7

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page