Skip to main content

A Flask extension adding a decorator for CORS support

Project description

Build Status Latest Version Downloads Supported Python versions License

A Flask extension for handling Cross Origin Resource Sharing (CORS), making cross-origin AJAX possible.

Installation

Install the extension with using pip, or easy_install.

$ pip install flask-cors

Usage

This extension enables CORS support either via a decorator, or a Flask extension. There are three examples shown in the examples directory, showing the major use cases. The suggested configuration is the simple_example.py, or the app_example.py.

Simple Usage

In the simplest case, initialize the Flask-Cors extension with default arguments in order to allow CORS on all routes.

app = Flask(__name__)
cors = CORS(app)

@app.route("/")
def helloWorld():
  return "Hello, cross-origin-world!"

Resource specific CORS

Alternatively, a list of resources and associated settings for CORS can be supplied, selectively enables CORS support on a set of paths on your app.

Note: this resources parameter can also be set in your application’s config.

app = Flask(__name__)
cors = CORS(app, resources={r"/api/*": {"origins": "*"}})

@app.route("/api/v1/users")
def list_users():
  return "user example"

Route specific CORS via decorator

This extension also exposes a simple decorator to decorate flask routes with. Simply add @cross_origin() below a call to Flask’s @app.route(..) incanation to accept the default options and allow CORS on a given route.

@app.route("/")
@cross_origin() # allow all origins all methods.
def helloWorld():
  return "Hello, cross-origin-world!"

Using JSON with CORS

When using JSON cross origin, browsers will issue a pre-flight OPTIONS request for POST requests. In order for browsers to allow POST requests with a JSON content type, you must allow the Content-Type header. The simplest way to do this is to simply set the CORS_HEADERS configuration value on your application: e.g.

app.config['CORS_HEADERS'] = 'Content-Type'

Application-wide settings

Alternatively, you can set all parameters except automatic_options in an app’s config object. Setting these at the application level effectively changes the default value for your application, while still allowing you to override it on a per-resource basis, either via the CORSEnabler and regular expressions, or via the @cross_origin() decorator.

The application-wide configuration options are creatively prefixed with CORS_ e.g. * CORS_ORIGINS * CORS_METHODS * CORS_HEADERS * CORS_EXPOSE_HEADERS * CORS_ALWAYS_SEND * CORS_MAX_AGE * CORS_SEND_WILDCARD * CORS_ALWAYS_SEND

For a full list of options, please see the full documentation

Tests

A simple set of tests is included in test/. To run, install nose, and simply invoke nosetests or python setup.py test to exercise the tests.

Contributing

Questions, comments or improvements? Please create an issue on Github, tweet at [@wcdolphin](https://twitter.com/wcdolphin) or send me an email.

Credits

This Flask extension is based upon the [Decorator for the HTTP Access Control](http://flask.pocoo.org/snippets/56/) written by Armin Ronacher.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Flask-Cors-1.7.0.tar.gz (12.7 kB view details)

Uploaded Source

Built Distributions

Flask_Cors-1.7.0-py3-none-any.whl (9.9 kB view details)

Uploaded Python 3

Flask_Cors-1.7.0-py2-none-any.whl (9.9 kB view details)

Uploaded Python 2

File details

Details for the file Flask-Cors-1.7.0.tar.gz.

File metadata

  • Download URL: Flask-Cors-1.7.0.tar.gz
  • Upload date:
  • Size: 12.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for Flask-Cors-1.7.0.tar.gz
Algorithm Hash digest
SHA256 b8c970980c5939d9978722f5d918a015b264f5d032352040b614b4f3ae4b50da
MD5 35f4a29d8c6bb7217e923c9bd6ad2843
BLAKE2b-256 878f6ddb8c0482f64c1a15f367a60be9ae93ad2f2bf52d1ab96b2b04929446c7

See more details on using hashes here.

File details

Details for the file Flask_Cors-1.7.0-py3-none-any.whl.

File metadata

File hashes

Hashes for Flask_Cors-1.7.0-py3-none-any.whl
Algorithm Hash digest
SHA256 672d2c16ce358f0962f693697b60fc6b1ca41c8c54ad94830b3b0b82c6ceb7a7
MD5 be2f7e698789f0e971127ccb09438218
BLAKE2b-256 d9445fe2d02588f17f7a906d934c99198d5f3e79a745aa38877abbc2bf60d35b

See more details on using hashes here.

File details

Details for the file Flask_Cors-1.7.0-py2-none-any.whl.

File metadata

File hashes

Hashes for Flask_Cors-1.7.0-py2-none-any.whl
Algorithm Hash digest
SHA256 689a4b147752eb0004327c27f3a7e2ba0c80ba6de84a59d28265b1a5a920f654
MD5 5d5156074acd97bb1cccf6fab3700f9c
BLAKE2b-256 da3411a3afc88121abcc305b0a7d8d7d4b5eeeaafe80e1b3fc89eb5bfe4cdb58

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page