Skip to content
Datasette plugin for configuring CORS headers
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


PyPI CircleCI License

Datasette plugin for configuring CORS headers, based on

You can use this plugin to allow JavaScript running on a whitelisted set of domains to make fetch() calls to the JSON API provided by your Datasette instance.


pip install datasette-cors


You need to add some configuration to your Datasette metadata.json file for this plugin to take effect.

To whitelist specific domains, use this:

    "plugins": {
        "datasette-cors": {
            "hosts": [""]

You can also whitelist patterns like this:

    "plugins": {
        "datasette-cors": {
            "host_wildcards": ["https://*"]

Testing it

To test this plugin out, run it locally by saving one of the above examples as metadata.json and running this:

$ datasette --memory -m metadata.json

Now visit in your browser, open the browser developer console and paste in the following:

fetch("").then(r => r.json()).then(console.log)

If the plugin is running correctly, you will see the JSON response output to the console.

You can’t perform that action at this time.