Solve Cross Origin Resource Sharing with Flask
For the following ajax post request for Flask (how can I use data posted from ajax in flask?):
$.ajax({
url: \"http://127.0.0.1
-
I might be a late on this question but below steps fixed the issue
from flask import Flask from flask_cors import CORS app = Flask(__name__) CORS(app)讨论(0) -
I used decorator given by Armin Ronacher with little modifications (due to different headers that are requested by the client).And that worked for me. (where I use angular as the requester requesting application/json type).
The code is slightly modified at below places,
from flask import jsonify @app.route('/my_service', methods=['POST', 'GET','OPTIONS']) @crossdomain(origin='*',headers=['access-control-allow-origin','Content-Type']) def my_service(): return jsonify(foo='cross domain ftw')jsonify will send a application/json type, else it will be text/html. headers are added as the client in my case request for those headers
const httpOptions = { headers: new HttpHeaders({ 'Content-Type': 'application/json', 'Access-Control-Allow-Origin':'*' }) }; return this.http.post<any>(url, item,httpOptions)讨论(0) -
Note that setting the
Access-Control-Allow-Originheader in the Flask response object is fine in many cases (such as this one), but it has no effect when serving static assets (in a production setup, at least). That's because static assets are served directly by the front-facing web server (usually Nginx or Apache). So, in that case, you have to set the response header at the web server level, not in Flask.For more details, see this article that I wrote a while back, explaining how to set the headers (in my case, I was trying to do cross-domain serving of Font Awesome assets).
Also, as @Satu said, you may need to allow access only for a specific domain, in the case of JS AJAX requests. For requesting static assets (like font files), I think the rules are less strict, and allowing access for any domain is more accepted.
讨论(0)
加载中...
- 热议问题