Feature #1299
Updated by Bernhard Koschiček-Krombholz about 4 years ago
There is now flask-cors implemented in the backend code. We use a decorator for the /api/ route to handle CORS. To specify, which sites are allowed to pull data from the /api/, a global variable in default.py named CORS_ALLOWANCE = '*' was created. So for now, people can change the CORS allowance through the production.py, where they can set CORS_ALLOWANCE to * (asterisk) to allow any sites or specify one or more sites with a string, regex or a list (cf. https://flask-cors.readthedocs.io/en/latest/api.html#decorator).
So for an easier usage, it would be nice to have the possibility to modify this also in the UI.
Wiki page: [[CORS]]