osharim · July 30, 2014 23:00 · Jan 16, 2013 · Oct 7, 2012
diff --git a/gistfile1.py b/gistfile1.py
@@ -1,6 +1,30 @@
-class CORSResource(ModelResource):
-
+class CORSResource(object):
+    """
+    Adds CORS headers to resources that subclass this.
+    """
     def create_response(self, *args, **kwargs):
         response = super(CORSResource, self).create_response(*args, **kwargs)
         response['Access-Control-Allow-Origin'] = '*'
-        return response
+        response['Access-Control-Allow-Headers'] = 'Content-Type'
+        return response
+
+    def method_check(self, request, allowed=None):
+        if allowed is None:
+            allowed = []
+
+        request_method = request.method.lower()
+        allows = ','.join(map(str.upper, allowed))
+
+        if request_method == 'options':
+            response = HttpResponse(allows)
+            response['Access-Control-Allow-Origin'] = '*'
+            response['Access-Control-Allow-Headers'] = 'Content-Type'
+            response['Allow'] = allows
+            raise ImmediateHttpResponse(response=response)
+
+        if not request_method in allowed:
+            response = http.HttpMethodNotAllowed(allows)
+            response['Allow'] = allows
+            raise ImmediateHttpResponse(response=response)
+
+        return request_method
diff --git a/gistfile1.py b/gistfile1.py
@@ -0,0 +1,6 @@
+class CORSResource(ModelResource):
+
+    def create_response(self, *args, **kwargs):
+        response = super(CORSResource, self).create_response(*args, **kwargs)
+        response['Access-Control-Allow-Origin'] = '*'
+        return response
No results found