Skip to main content

A Flask extension adding a decorator for CORS support

Project description

Build Status Latest Version Supported Python versions License

A Flask extension for handling Cross Origin Resource Sharing (CORS), making cross-origin AJAX possible.

This package has a simple philosophy: when you want to enable CORS, you wish to enable it for all use cases on a domain. This means no mucking around with different allowed headers, methods, etc.

By default, submission of cookies across domains is disabled due to the security implications. Please see the documentation for how to enable credential’ed requests, and please make sure you add some sort of CSRF protection before doing so!

Installation

Install the extension with using pip, or easy_install.

$ pip install -U flask-cors

Usage

This package exposes a Flask extension which by default enables CORS support on all routes, for all origins and methods. It allows parameterization of all CORS headers on a per-resource level. The package also contains a decorator, for those who prefer this approach.

Simple Usage

In the simplest case, initialize the Flask-Cors extension with default arguments in order to allow CORS for all domains on all routes. See the full list of options in the documentation.

from flask import Flask
from flask_cors import CORS

app = Flask(__name__)
CORS(app)

@app.route("/")
def helloWorld():
  return "Hello, cross-origin-world!"

Resource specific CORS

Alternatively, you can specify CORS options on a resource and origin level of granularity by passing a dictionary as the resources option, mapping paths to a set of options. See the full list of options in the documentation.

app = Flask(__name__)
cors = CORS(app, resources={r"/api/*": {"origins": "*"}})

@app.route("/api/v1/users")
def list_users():
  return "user example"

Route specific CORS via decorator

This extension also exposes a simple decorator to decorate flask routes with. Simply add @cross_origin() below a call to Flask’s @app.route(..) to allow CORS on a given route. See the full list of options in the decorator documentation.

@app.route("/")
@cross_origin()
def helloWorld():
  return "Hello, cross-origin-world!"

Documentation

For a full list of options, please see the full documentation

Troubleshooting

If things aren’t working as you expect, enable logging to help understand what is going on under the hood, and why.

logging.getLogger('flask_cors').level = logging.DEBUG

Tests

A simple set of tests is included in test/. To run, install nose, and simply invoke nosetests or python setup.py test to exercise the tests.

If nosetests does not work for you, due to it no longer working with newer python versions. You can use pytest to run the tests instead.

Contributing

Questions, comments or improvements? Please create an issue on Github, tweet at @corydolphin or send me an email. I do my best to include every contribution proposed in any way that I can.

Credits

This Flask extension is based upon the Decorator for the HTTP Access Control written by Armin Ronacher.

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

flask_cors-5.0.0.tar.gz (31.0 kB view details)

Uploaded Source

Built Distribution

Flask_Cors-5.0.0-py2.py3-none-any.whl (14.5 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file flask_cors-5.0.0.tar.gz.

File metadata

  • Download URL: flask_cors-5.0.0.tar.gz
  • Upload date:
  • Size: 31.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/5.1.0 CPython/3.12.5

File hashes

Hashes for flask_cors-5.0.0.tar.gz
Algorithm Hash digest
SHA256 5aadb4b950c4e93745034594d9f3ea6591f734bb3662e16e255ffbf5e89c88ef
MD5 a6e8202cc008ef6f70ce75a7ae7f8d9d
BLAKE2b-256 4fd0d9e52b154e603b0faccc0b7c2ad36a764d8755ef4036acbf1582a67fb86b

See more details on using hashes here.

File details

Details for the file Flask_Cors-5.0.0-py2.py3-none-any.whl.

File metadata

  • Download URL: Flask_Cors-5.0.0-py2.py3-none-any.whl
  • Upload date:
  • Size: 14.5 kB
  • Tags: Python 2, Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/5.1.0 CPython/3.12.5

File hashes

Hashes for Flask_Cors-5.0.0-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 b9e307d082a9261c100d8fb0ba909eec6a228ed1b60a8315fd85f783d61910bc
MD5 66199b77d52f670fed222a27689fe68d
BLAKE2b-256 56071afa0514c876282bebc1c9aee83c6bb98fe6415cf57b88d9b06e7e29bf9c

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page