New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable CORS for particular routes. #176
Comments
Hi @rajaravivarma-r, I usually use a from weppy import response
from weppy.handlers import Handler
class CORS(Handler):
def on_start(self):
response.headers["Access-Control-Allow-Origin"] = "my.domain.tld"
response.headers["Access-Control-Allow-Credentials"] = "true"
response.headers["Access-Control-Allow-Methods"] = "OPTIONS, GET, POST, PUT, PATCH, DELETE"
response.headers["Access-Control-Allow-Headers"] = "Origin, Content-Type, Accept, Authorization" Then you can add it to all routes or just a specific route: #: common
app.common_handlers = [CORS()]
#: single
@app.route('/route', handlers=[CORS()]) I can add a customizable handler like this one inside weppy, and it will be a Regarding the options request, I think it would be better to have a catch-all route for options (I usually do this): @app.route('/<any:p>', methods='options', handlers=[CORS()])
def _options(p):
return "" |
Thank you @gi0baro, I didn't know this approach. I couldn't find it in the documentation. |
@rajaravivarma-r Yes, I'm currently rewriting some parts of the documentation for the next version which should explain these stuffs :) |
Now you should use a Pipe for this purpose, since handlers are deprecated. from weppy import Pipe, response
class CORS(Pipe):
def open(self):
response.headers["Access-Control-Allow-Origin"] = "example.com"
response.headers["Access-Control-Allow-Credentials"] = "true"
response.headers["Access-Control-Allow-Methods"] = "OPTIONS, GET, POST, PUT, PATCH, DELETE"
response.headers["Access-Control-Allow-Headers"] = "Origin, Content-Type, Accept, Authorization" and in you app.py: app.pipeline = [db.pipe, CORS()] |
Hello, what allow origin config to enable ALL sites because I need to use mobile apps with weppy webapps. |
@felipebastosweb usually you don't need CORS on mobile apps, but only for ajax requests. from weppy import Pipe, response
class CORS(Pipe):
def open(self):
response.headers["Access-Control-Allow-Origin"] = "*"
response.headers["Access-Control-Allow-Credentials"] = "true"
response.headers["Access-Control-Allow-Methods"] = "OPTIONS, GET, POST, PUT, PATCH, DELETE"
response.headers["Access-Control-Allow-Headers"] = "Origin, Content-Type, Accept, Authorization"
app.pipeline = [CORS()] |
I needed with Ionic3 android platform and CORS pipeline is working. |
We should be able to mark a route as CORS enabled. The route should be able to intercept any 'OPTIONS' request and handle it as configured.
I am thinking of a decorator like,
I put up something as a quick hack for one such use case.
I would like to contribute this feature, if you like. Please give your inputs.
The text was updated successfully, but these errors were encountered: