Last active
December 6, 2022 14:13
-
-
Save mmerickel/1afaf64154b335b596e4 to your computer and use it in GitHub Desktop.
Revisions
-
mmerickel revised this gist
Dec 7, 2015 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -41,7 +41,7 @@ def add_cors_to_response(event): response = event.response if 'Origin' in request.headers: response.headers['Access-Control-Expose-Headers'] = ( 'Content-Type,Date,Content-Length,Authorization,X-Request-ID') response.headers['Access-Control-Allow-Origin'] = ( request.headers['Origin']) response.headers['Access-Control-Allow-Credentials'] = 'true' @@ -52,5 +52,5 @@ def cors_options_view(context, request): response.headers['Access-Control-Allow-Methods'] = ( 'OPTIONS,HEAD,GET,POST,PUT,DELETE') response.headers['Access-Control-Allow-Headers'] = ( 'Content-Type,Accept,Accept-Language,Authorization,X-Request-ID') return response -
Nov 9, 2015 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,56 @@ from pyramid.security import NO_PERMISSION_REQUIRED def includeme(config): config.add_directive( 'add_cors_preflight_handler', add_cors_preflight_handler) config.add_route_predicate('cors_preflight', CorsPreflightPredicate) config.add_subscriber(add_cors_to_response, 'pyramid.events.NewResponse') class CorsPreflightPredicate(object): def __init__(self, val, config): self.val = val def text(self): return 'cors_preflight = %s' % bool(self.val) phash = text def __call__(self, context, request): if not self.val: return False return ( request.method == 'OPTIONS' and 'Origin' in request.headers and 'Access-Control-Request-Method' in request.headers ) def add_cors_preflight_handler(config): config.add_route( 'cors-options-preflight', '/{catch_all:.*}', cors_preflight=True, ) config.add_view( cors_options_view, route_name='cors-options-preflight', permission=NO_PERMISSION_REQUIRED, ) def add_cors_to_response(event): request = event.request response = event.response if 'Origin' in request.headers: response.headers['Access-Control-Expose-Headers'] = ( 'Content-Type,Authorization,X-Request-ID') response.headers['Access-Control-Allow-Origin'] = ( request.headers['Origin']) response.headers['Access-Control-Allow-Credentials'] = 'true' def cors_options_view(context, request): response = request.response if 'Access-Control-Request-Headers' in request.headers: response.headers['Access-Control-Allow-Methods'] = ( 'OPTIONS,HEAD,GET,POST,PUT,DELETE') response.headers['Access-Control-Allow-Headers'] = ( 'Content-Type,Authorization,X-Request-ID') return response This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,10 @@ def main(global_config, **app_settings): config = Configurator() config.include('.cors') # make sure to add this before other routes to intercept OPTIONS config.add_cors_preflight_handler() config.add_route(...) return config.make_wsgi_app()