./www/py-flask-cors, Flask extension for handling Cross Origin Resource Sharing (CORS)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.0.9, Package name: py37-flask-cors-3.0.9, Maintainer: kleink

A Flask extension for handling Cross Origin Resource Sharing (CORS),
making cross-origin AJAX possible.

This package has a simple philosophy, when you want to enable CORS, you
wish to enable it for all use cases on a domain. This means no mucking
around with different allowed headers, methods, etc. By default,
submission of cookies across domains is disabled due to the security
implications, please see the documentation for how to enable
credential'ed requests, and please make sure you add some sort of
CSRF protection before doing so!


Required to run:
[devel/py-setuptools] [www/py-flask] [lang/py-six] [lang/python37]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: b00978470024b7124b66c92dd6c08654e9be4fe9
RMD160: 38173d14aafbf4b3c1ecf15f5f34d2885b48ee70
Filesize: 28.357 KB

Version history: (Expand)


CVS history: (Expand)


   2020-08-31 23:53:43 by Klaus Klein | Files touched by this commit (2) | Package updated
Log message:
py-flask-cors: Update to 3.0.9.

## 3.0.9
### Security
 - Escape path before evaluating resource rules (thanks to Colby Morgan).
   Prior to this, flask-cors incorrectly evaluated CORS resource matching
   before path expansion. E.g. "/api/../foo.txt" would incorrectly match
   resources for "/api/*" whereas the path actually expands simply to
   "/foo.txt"
   2019-06-10 10:55:42 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-flask-cors: updated to 3.0.8

3.0.8:
DeprecationWarning: Using or importing the ABCs from 'collections' instead of \ 
from 'collections.abc' is deprecated, and in 3.8 it will stop working
   2019-01-07 19:02:45 by Klaus Klein | Files touched by this commit (4)
Log message:
www/py-flask-cors: Import Flask-Cors 3.0.7.

A Flask extension for handling Cross Origin Resource Sharing (CORS),
making cross-origin AJAX possible.

This package has a simple philosophy, when you want to enable CORS, you
wish to enable it for all use cases on a domain. This means no mucking
around with different allowed headers, methods, etc. By default,
submission of cookies across domains is disabled due to the security
implications, please see the documentation for how to enable
credential'ed requests, and please make sure you add some sort of
CSRF protection before doing so!