yougov / cherrypy-cors Goto Github PK

Hi,
I would like to integrate your pakage in my application.
I have a RoutesDispatcher more or less like this example.

Could you help me?
Thanks

In investigating #1, I tried using the decorator, as described in the docstrings, but when I did, it didn't work. I'm not sure if it was user error or a bug in the decorator, so more investigation is needed.

Originally reported by: Markus Bergholz (Bitbucket: markuman, GitHub: markuman)

A minimal runable example file would be very helpful. When searching for cherrypy_cors.install() on github, you get >10 different variations how people try using cherrypy_cors.

Currently I'm trying to receive a json object with @cherrypy.tools.json_in() from a HTML file whitch isn't served by cherrypy

#!html

<html>
<head>
<script>
function makeRequest()
{
    var xmlhttp = new XMLHttpRequest();   // new HttpRequest instance 
    xmlhttp.open("POST", "http://localhost:8080");
    xmlhttp.setRequestHeader("Content-Type", "application/json;charset=UTF-8");
    xmlhttp.send(JSON.stringify({user:"John Rambo", time:"2pm"}));

}
</script>
</head>
<body>
<form name="frm1" id="yourTextBox" onsubmit="makeRequest()">
<input type="submit" value="Submit">
</form>
</body>
</html>

I hope you can help me.

• Bitbucket: https://bitbucket.org/yougov/cherrypy-cors/issue/1

According to the spec and the wikipedia simple example, the Origin header is a URI. If the URI has a scheme, cherrypy-cors doesn't match it.

Feature Request

Add support to expose() and preflight() for enabling CORS for specific domains.

Sample Usage

Decorator

DOMAIN_REGEX = re.compile('^sd[1-9]\.example\.org$')
ORIGINS = ['a.example.com', 'b.example.net', DOMAIN_REGEX]

class MyResource(object):

    @cherrypy_cors.tools.preflight(
        allowed_methods=['GET', 'DELETE', 'PUT'], origins=ORIGINS)
    def OPTIONS(self):
        self._delete()

    @cherrypy_cors.tools.expose(origins=ORIGINS)
    def DELETE(self):
        self._delete()

Configuration

            config = {
                '/resources': {
                    'cors.expose.on': True,
                    'cors.expose.origins': ['my.example.com', 'www.example.net'],
                    'cors.preflight.origins': ['my.example.com', 'www.example.net'],
                }
            }

Preferably, expose() and preflight() could read the origins parameter from a common config setting (I don't know whether cherrypy tools support that).

            config = {
                '/resources': {
                    'cors.expose.on': True,
                    'cors.origins': ['my.example.com', 'www.example.net'],
                }
            }

The project has been migrated to cherrypy/cherrypy-cors.

Without this, they aren't googlable.