Comments (5)
Released!
from flask-cors.
Hi Dustin,
Thanks for writing in. The one other change I want to squeeze in for 3.0.0 is to better support exception handling by dropping down to a WSGI middleware.
It will probably be about a week until I get to it, honestly.
If you are willing, you can reference this commit explicitly in your requirements.txt to install the current master.
I.E.
pip install git+git://github.com/corydolphin/flask-cors.git@ b58ace7b3666fad42d80d23137e353adfe04b1d6
Let me know if that helps. I'd also love feedback on the send_always approach I've taken and if it matches your expectations.
Thanks,
Cory
from flask-cors.
@corydolphin since you're asking about the send_always
option, I'll leave my 2cents here.
Not sending CORS headers unless the Origin
header is sent with the request has caused some confusion in my team about whether CORS was enabled or configured properly. Enabling this option by default is a good choice in my opinion (unless the specifications for CORS require this, but I was not able to determine this).
from flask-cors.
I spoke too soon: #176
from flask-cors.
@joshfriend I echo that confusion, I followed up on that issue directly.
from flask-cors.
Related Issues (20)
- enforcing same origin policy with flask-cors HOT 14
- Next.JS API Call to Flask API POST Endpoint - `Access-Control-Allow-Credentials` is not set properly
- Package prints unexpected DEBUG messages when app runs HOT 2
- Unknown keyword arguments silently ignored HOT 2
- Want to know the next version update time. HOT 1
- Project is dead? HOT 2
- CORS partially fails when making requests with axios in React HOT 3
- Access to fetch at 'http://127.0.0.1:5000/account/summary' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled. HOT 2
- v4.0.0 isn't in CHANGELOG.md HOT 1
- two releases 4.0.0 and v4.0.0 HOT 2
- All private network requests unintentionally allowed
- Random Access-Control-Allow-Origin value being returned if Origin request header is not provided HOT 1
- The `4.0.0` release is incorrectly marked as supporting Python 2
- Who to contact for security issues HOT 2
- appropriate citation for the module? HOT 3
- python 3.12 HOT 2
- CORS issue
- Read the Docs is configured to build from a non-existent branch HOT 2
- CVE-2024-1681 response/patching HOT 2
- Security Issue CVE-2024-1681 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from flask-cors.