Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update flask-cors to 3.0.4 #849

Merged
merged 1 commit into from Jul 22, 2018
Merged

Update flask-cors to 3.0.4 #849

merged 1 commit into from Jul 22, 2018

Conversation

pyup-bot
Copy link
Collaborator

This PR updates Flask-Cors from 2.1.2 to 3.0.4.

Changelog

3.0.4

Handle response.headers being None. (Fixes issue 217)

3.0.3

Ensure that an Origin of '*' is never sent if supports_credentials is True (fixes Issue 202)
* If `always_send=True`, and `'*'` is in the allowed origins, and a request is made without an Origin header, no `Access-Control-Allow-Origins` header will now be returned. This is breaking if you depended on it, but was a bug as it goes against the spec.

3.0.2

Fixes Issue 187: regression whereby header (and domain) matching was incorrectly case sensitive. Now it is not, making the behavior identical to 2.X and 1.X.

3.0.1

Fixes Issue 183: regression whereby regular expressions for origins with an "?" are not properly matched.

3.0.0

This release is largely a number of small bug fixes and improvements, along with a default change in behavior, which is technically a breaking change.

**Breaking Change**
We added an always_send option, enabled by default, which makes Flask-CORS inject headers even if the request did not have an 'Origin' header. Because this makes debugging far easier, and has very little downside, it has also been set as the default, making it technically a breaking change. If this actually broke something for you, please let me know, and I'll help you work around it. (156) c7a1ecdad375a796155da6aca6a1f750337175f3


Other improvements:
* Adds building of universal wheels (175) 4674c3d54260f8897bd18e5502509363dcd0d0da
* Makes Flask-CORS compatible with OAuthLib's custom header class ... (172) aaaf904845997a3b684bc6677bdfc91656a85a04
* Fixes incorrect substring matches when strings are used as origins or headers (165) 9cd3f295bd6b0ba87cc5f2afaca01b91ff43e72c
* Fixes logging when unknown options are supplied (152) bddb13ca6636c5d559ec67a95309c9607a3fcaba

2.1.3

Fixes Vary:Origin header sending behavior when regex origins are used.
Links

@suchow suchow merged commit 12cf9e3 into master Jul 22, 2018
@suchow suchow deleted the pyup-update-flask-cors-2.1.2-to-3.0.4 branch July 24, 2018 02:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@pyup-bot @suchow