CORS support for Morepath
Project description
more.cors: CORS support for Morepath
This package adds CORS support to Morepath.
Quick start
Install more.cors:
$ pip install -U more.cors
Extend your App class from CORSApp:
from more.cors import CORSApp
class App(CORSApp):
pass
This will add basic CORS support to your Morepath app.
Settings
more.cors provides settings in the ‘cors’ section. Here are the defaults:
@App.setting_section(section='cors')
def cors_settings():
return {
'allowed_verbs': ['GET', 'PUT', 'POST', 'PATCH', 'DELETE', 'OPTIONS'],
'allowed_origin': '*',
'expose_headers': ['Content-Type', 'Authorization'],
'allowed_headers': ['Content-Type', 'Authorization'],
'max_age': 60,
'allow_credentials': False
}
The following settings are available:
- allowed_verbs
A list of allowed HTTP request methods.
- allowed_origin
A URI that may access the resource. For requests without credentials, “*” can be used as a wildcard, allowing any origin to access the resource.
- expose_headers
A list of HTTP headers which can be exposed as part of the response.
- allowed_headers
A list of HTTP headers which can be used during the actual request.
- max_age
Maximum number of seconds the results of a preflight request can be cached.
- allow_credentials
Boolean which indicates whether or not the actual request can be made using credentials. Credentials are cookies, authorization headers or TLS client certificates.
Specify CORS settings for a single view
more.cors exposes the App.cors() class method. This can be used to specify settings for a single view:
App.cors(
model=Root,
view_name='view2',
allowed_headers=['Cache-Control'],
expose_headers=['Cookie'],
allowed_origin='http://foo.com',
allow_credentials=True,
max_age=10
)
- model
Specifies the corresponding view model.
- view_name
Is needed when you use a named view.
- allowed_headers, expose_headers, allowed_origin, allow_credentials, max_age
The settings which can be specified. For details see Settings.
CHANGES
0.3 (2020-04-26)
Removed: Removed support for Python 2.
You have to upgrade to Python 3 if you want to use this version.
Added support for Python 3.7 and 3.8 and PyPy 3.6.
Make Python 3.7 the default testing environment.
Add integration for the Black code formatter.
0.2 (2018-06-11)
Fix list of allowed verbs for failed (unauthorized) preflight (see PR #4).
0.1 (2018-06-08)
Initial public release
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for more.cors-0.3-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | db372914edaafc1ebae57bb7c4c9307a721c17c2cba7fb52ae95dc23a0cb7b4f |
|
MD5 | d2826635452ad1037f4880422313d2a5 |
|
BLAKE2b-256 | a77cda1f2ed3e08ad5677ab510fbb105d5eed6f16ea7976dcc137affd66a7ff0 |