When accessing media endpoint from web app, CORS headers required by browsers are missing.
Here is a temporary workaround at huandzh#4 . It can be also used as a hint to fix it delicately.
Expected Behavior
OPTIONS and GET from remote web app to media endpoint should receive response headers containing CORS headers. Thus, preflight and actual GET can success:
Access-Control-Allow-Origin: ...
Vary: Origin
Access-Control-Allow-Headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Authorization, Content-Type, X-Requested-With
Access-Control-Expose-Headers:
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
...
Actual Behavior
No CORS headers in response headers from remote web app to media endpoint. The code for media endpoint bypassed CORS related codes.
Environment
- Python version: 3.6.5/3.7.0
- Eve version: 0.8/master branch
When accessing media endpoint from web app, CORS headers required by browsers are missing.
Here is a temporary workaround at huandzh#4 . It can be also used as a hint to fix it delicately.
Expected Behavior
OPTIONSandGETfrom remote web app to media endpoint should receive response headers containing CORS headers. Thus, preflight and actual GET can success:Actual Behavior
No CORS headers in response headers from remote web app to media endpoint. The code for media endpoint bypassed CORS related codes.
Environment