apifrom.utils.corsο
Overviewο
Functions
Functionsο
- apifrom.utils.cors.get_cors_headers(origin, allow_origins=None, allow_methods=None, allow_headers=None, allow_credentials=False, expose_headers=None, max_age=600)[source]ο
Generate CORS headers based on the provided configuration.
- param origin:
The request origin
- param allow_origins:
List of allowed origins or β*β for all origins
- param allow_methods:
List of allowed HTTP methods
- param allow_headers:
List of allowed HTTP headers
- param allow_credentials:
Whether to allow credentials
- param expose_headers:
List of headers to expose to the client
- param max_age:
Max age for preflight requests caching
- returns:
Dictionary with CORS headers
- apifrom.utils.cors.handle_cors_preflight(origin, request_method, request_headers=None, allow_origins=None, allow_methods=None, allow_headers=None, allow_credentials=False, max_age=600)[source]ο
Handle a CORS preflight request and generate appropriate headers.
- param origin:
The request origin
- param request_method:
The requested method
- param request_headers:
The requested headers
- param allow_origins:
List of allowed origins or β*β for all origins
- param allow_methods:
List of allowed HTTP methods
- param allow_headers:
List of allowed HTTP headers
- param allow_credentials:
Whether to allow credentials
- param max_age:
Max age for preflight requests caching
- returns:
Dictionary with CORS headers for the preflight response
Check if a request is a CORS preflight request.
- param method:
The HTTP method
- param headers:
The request headers
- returns:
True if the request is a CORS preflight request, False otherwise
Validate if the given origin is allowed based on the allowed_origins configuration.
- param origin:
The origin to validate
- param allowed_origins:
List of allowed origins or β*β for all origins
- returns:
True if the origin is allowed, False otherwise