Permitting CORS in Flask

4
votes

I've a flask endpoint where I've permitted CORS in the following manner. 

app = Flask(__name__)
CORS(app, resources={r"/api/*": {"origins": "*"}})
app.register_blueprint(store, url_prefix='/api/')

I still run into the following issue.

Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. Origin 'http://something.com:8888' is therefore not allowed access.

Any suggestions as to how I can fix this.

1
pythonflaskcorsflask-cors
change the CORS parameters to CORS(app, resources={r"/*": {"origins": "*"}}) - Anand Tripathi

1 Answers

2
votes

try this:

#Add these imports
from flask import jsonify
from flask_cors import CORS

#Add an app level config in this format
app = Flask(__name__)
CORS(autoINFER_app, resources={r"/*": {"origins": "*"}}, send_wildcard=True)

#While returning the GETs add this line
response = jsonify(all_dict)
response.headers.add('Access-Control-Allow-Origin', '*')
return response

This should take care of all permutations which might cause this.