Skip to main content

CORS support for Morepath

Project description

more.cors: CORS support for Morepath

This package adds CORS support to Morepath.

Quick start

Install more.cors:

$ pip install -U more.cors

Extend your App class from CORSApp:

from more.cors import CORSApp


class App(CORSApp):
    pass

This will add basic CORS support to your Morepath app.

Settings

more.cors provides settings in the ‘cors’ section. Here are the defaults:

@App.setting_section(section='cors')
def cors_settings():
    return {
        'allowed_verbs': ['GET', 'PUT', 'POST', 'PATCH', 'DELETE', 'OPTIONS'],
        'allowed_origin': '*',
        'expose_headers': ['Content-Type', 'Authorization'],
        'allowed_headers': ['Content-Type', 'Authorization'],
        'max_age': 60,
        'allow_credentials': False
    }

The following settings are available:

allowed_verbs
A list of allowed HTTP request methods.
allowed_origin
A URI that may access the resource. For requests without credentials, “*” can be used as a wildcard, allowing any origin to access the resource.
expose_headers
A list of HTTP headers which can be exposed as part of the response.
allowed_headers
A list of HTTP headers which can be used during the actual request.
max_age
Maximum number of seconds the results of a preflight request can be cached.
allow_credentials
Boolean which indicates whether or not the actual request can be made using credentials. Credentials are cookies, authorization headers or TLS client certificates.

Specify CORS settings for a single view

more.cors exposes the App.cors() class method. This can be used to specify settings for a single view:

App.cors(
    model=Root,
    view_name='view2',
    allowed_headers=['Cache-Control'],
    expose_headers=['Cookie'],
    allowed_origin='http://foo.com',
    allow_credentials=True,
    max_age=10
)
model
Specifies the corresponding view model.
view_name
Is needed when you use a named view.
allowed_headers, expose_headers, allowed_origin, allow_credentials, max_age
The settings which can be specified. For details see Settings.

CHANGES

0.2 (2018-06-11)

  • Fix list of allowed verbs for failed (unauthorized) preflight (see PR #4).

0.1 (2018-06-08)

  • Initial public release

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for more.cors, version 0.2
Filename, size File type Python version Upload date Hashes
Filename, size more.cors-0.2-py2.py3-none-any.whl (6.5 kB) File type Wheel Python version py2.py3 Upload date Hashes View hashes
Filename, size more.cors-0.2.tar.gz (6.4 kB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page