Skip to content

Commit

Permalink
Merge pull request #318 from chelo-kjml/master
Browse files Browse the repository at this point in the history 
'Access-Control-Allow-Private-Network = true' header for http response
  • Loading branch information
@corydolphin
corydolphin committed Apr 11, 2023
2 parents cad70b3 + 24070be commit b2c4da1
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions flask_cors/core.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,10 +29,12 @@
ACL_EXPOSE_HEADERS = 'Access-Control-Expose-Headers'
ACL_CREDENTIALS = 'Access-Control-Allow-Credentials'
ACL_MAX_AGE = 'Access-Control-Max-Age'
ACL_RESPONSE_PRIVATE_NETWORK = 'Access-Control-Allow-Private-Network'

# Request Header
ACL_REQUEST_METHOD = 'Access-Control-Request-Method'
ACL_REQUEST_HEADERS = 'Access-Control-Request-Headers'
ACL_REQUEST_HEADER_PRIVATE_NETWORK = 'Access-Control-Request-Private-Network'

ALL_METHODS = ['GET', 'HEAD', 'POST', 'OPTIONS', 'PUT', 'PATCH', 'DELETE']
CONFIG_OPTIONS = ['CORS_ORIGINS', 'CORS_METHODS', 'CORS_ALLOW_HEADERS',
Expand Down Expand Up @@ -188,6 +190,10 @@ def get_cors_headers(options, request_headers, request_method):
if options.get('supports_credentials'):
headers[ACL_CREDENTIALS] = 'true' # case sensitive

if ACL_REQUEST_HEADER_PRIVATE_NETWORK in request_headers \
and request_headers.get(ACL_REQUEST_HEADER_PRIVATE_NETWORK) == 'true':
headers[ACL_RESPONSE_PRIVATE_NETWORK] = 'true'

# This is a preflight request
# http://www.w3.org/TR/cors/#resource-preflight-requests
if request_method == 'OPTIONS':
Expand Down

0 comments on commit b2c4da1

Please sign in to comment.