Permitting CORS in Flask

Question

I've a flask endpoint where I've permitted CORS in the following manner.

app = Flask(__name__)
CORS(app, resources={r"/api/*": {"origins": "*"}})
app.register_blueprint(store, url_prefix='/api/')

I still run into the following issue.

Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. Origin 'http://something.com:8888' is therefore not allowed access.

Any suggestions as to how I can fix this.

change the CORS parameters to `CORS(app, resources={r"/*": {"origins": "*"}})` — Anand Tripathi, Jun 22 '18 at 07:27

score 2 · Answer 1 · edited Jun 22 '18 at 07:49

try this:

#Add these imports
from flask import jsonify
from flask_cors import CORS

#Add an app level config in this format
app = Flask(__name__)
CORS(autoINFER_app, resources={r"/*": {"origins": "*"}}, send_wildcard=True)

#While returning the GETs add this line
response = jsonify(all_dict)
response.headers.add('Access-Control-Allow-Origin', '*')
return response

This should take care of all permutations which might cause this.

Permitting CORS in Flask

1 Answers1