Shulou(Shulou.com)06/02 Report--

Python how to use Flask to solve cross-domain problems, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain for you in detail, people with this need can come to learn, I hope you can gain something.

1. Import the library pip install flask-cors2. Configuration

There are two uses of flask-cors, one for global use and one for specified routes.

1. Use the CORS function to configure global routing from flask import Flask, requestfrom flask_cors import CORSapp = Flask (_ _ name__) CORS (app, supports_credentials=True)

CORS provides some parameters to help us customize the operation.

We can configure origins, methods, allow_headers and supports_credentials in common use.

All configuration items are as follows:

Param resources: The series of regular expression and (optionally) associated CORS options to be applied to the given resource path. If the argument is a dictionary, it's keys must be regular expressions, and the values must be a dictionary of kwargs, identical to the kwargs of this function. If the argument is a list, it is expected to be a list of regular expressions, for which the app-wide configured options are applied. If the argument is a string, it is expected to be a regular expression for which the app-wide configured options are applied. Default: Match all and apply app-level configuration:type resources: dict, iterable or string:param origins: The origin, or list of origins to allow requests from. The origin (s) may be regular expressions, case-sensitive strings, or else an asterisk Default:'*': type origins: list, string or regex:param methods: The method or list of methods which the allowed origins are allowed to access for non-simple requests. Default: [GET, HEAD, POST, OPTIONS, PUT, PATCH, DELETE]: type methods: list or string:param expose_headers: The header or list which are safe to expose to the API of a CORS API specification. Default: None:type expose_headers: list or string:param allow_headers: The header or list of header field names which can be used when this resource is accessed by allowed origins. The header (s) may be regular expressions, case-sensitive strings, or else an asterisk. Default:'*, allow all headers:type allow_headers: list, string or regex:param supports_credentials: Allows users to make authenticated requests. If true, injects the `Access-Control-Allow- Credentials` header in responses. This allows cookies and credentials to be submitted across domains. : note: This option cannot be used in conjuction with a'* 'origin Default: False:type supports_credentials: bool:param max_age: The maximum time for which this CORS request maybe cached. This value is set as the `Access-Control-Max- Age` header. Default: None:type max_age: timedelta, integer, string or None:param send_wildcard: If True, and the origins parameter is `*`, a wildcard `Access-Control-Allow- Origin` header is sent, rather than the request's `Origin` header. Default: False:type send_wildcard: bool:param vary_header: If True, the header Vary: Origin will be returned as per the W3 implementation guidelines. Setting this header when the `Access-Control-Allow- Origin` is dynamically generated (e.g. When there is more than one allowed origin, and an Origin than'*'is returned) informs CDNs and other caches that the CORS headers are dynamic, and cannot be cached. If False, the Vary header will never be injected or altered. Default: True:type vary_header: bool2. Use @ cross_origin to configure one-way routing from flask import Flask, requestfrom flask_cors import cross_originapp = Flask (_ _ name__) @ app.route ('/') @ cross_origin (supports_credentials=True) def hello (): name = request.args.get ("name", "World") return f'Hello, {name}!'

Where cross_origin and CORS provide some basically the same parameters.

We can configure origins, methods, allow_headers and supports_credentials in common use.

All configuration items are as follows:

: param origins: The origin, or list of origins to allow requests from. The origin (s) may be regular expressions, case-sensitive strings, or else an asterisk Default:'*': type origins: list, string or regex:param methods: The method or list of methods which the allowed origins are allowed to access for non-simple requests. Default: [GET, HEAD, POST, OPTIONS, PUT, PATCH, DELETE]: type methods: list or string:param expose_headers: The header or list which are safe to expose to the API of a CORS API specification. Default: None:type expose_headers: list or string:param allow_headers: The header or list of header field names which can be used when this resource is accessed by allowed origins. The header (s) may be regular expressions, case-sensitive strings, or else an asterisk. Default:'*, allow all headers:type allow_headers: list, string or regex:param supports_credentials: Allows users to make authenticated requests. If true, injects the `Access-Control-Allow- Credentials` header in responses. This allows cookies and credentials to be submitted across domains. : note: This option cannot be used in conjuction with a'* 'origin Default: False:type supports_credentials: bool:param max_age: The maximum time for which this CORS request maybe cached. This value is set as the `Access-Control-Max- Age` header. Default: None:type max_age: timedelta, integer, string or None:param send_wildcard: If True, and the origins parameter is `*`, a wildcard `Access-Control-Allow- Origin` header is sent, rather than the request's `Origin` header. Default: False:type send_wildcard: bool:param vary_header: If True, the header Vary: Origin will be returned as per the W3 implementation guidelines. Setting this header when the `Access-Control-Allow- Origin` is dynamically generated (e.g. When there is more than one allowed origin, and an Origin than'*'is returned) informs CDNs and other caches that the CORS headers are dynamic, and cannot be cached. If False, the Vary header will never be injected or altered. Default: True:type vary_header: bool:param automatic_options: Only applies to the `cross_ room` decorator. If True, Flask-CORS will override Flask's default OPTIONS handling to return CORS headers for OPTIONS requests. Default: True:type automatic_options: bool configuration parameter description parameter type Head default description resources dictionary, iterator or string not all configured to allow cross-domain routing interfaces origins list, string or regular expression Access-Control-Allow-Origin* configuration allows cross-domain access to the source methods list, string Access-Control-Allow-Methods [GET, HEAD, POST, OPTIONS, PUT, PATCH DELETE] configure cross-domain supported request methods expose_headers list, string Access-Control-Expose-HeadersNone custom request response Head information allow_headers list, string or regular expression Access-Control-Request-Headers* configuration allows cross-domain request headers supports_credentials Boolean value Access-Control-Allow-CredentialsFalse whether to allow requests to send cookiemax_agetimedelta, integers, Is it helpful for you to read the above content after reading the validity period of the string Access-Control-Max-AgeNone pre-check request? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.