CORS¶

To allow Cross Origin Resource Sharing (CORS), OpenAtlas API uses flask-cors. Every path of the /api/ is protected, but the access can come from everywhere right now ('*')

cors = CORS(app, resources={r"/api/*": {"origins": app.config['CORS_ALLOWANCE']}})

Origins point to a global variable, which can be changed in the instance/production.py. Default value:

 CORS_ALLOWANCE = '*'

The value can be a case-sensitive string, for a single point of origin, a regex expression, a list or an asterisk (*) as wildcard.
Examples:

CORS_ALLOWANCE = 'https://thanados.net/'
CORS_ALLOWANCE = ['https://thanados.net/', 'https://openatlas.eu/']
CORS_ALLOWANCE = r'^((https?:\/\/)?.*?([\w\d-]*\.[\w\d]+))($|\/.*$)'

Links¶

https://flask-cors.readthedocs.io/

Files (0)

Updated by Bernhard Koschiček-Krombholz almost 4 years ago · 6 revisions

Also available in: PDF HTML TXT

Project

General

Profile

OpenAtlas

Wiki

CORS¶

Links¶