CORS Policy Tester
Test and debug CORS configurations with simulated browser scenarios.
CorsPolicyTester.originsHint
HĂ€ufig gestellte Fragen
Code-Implementierung
# CORS headers generator (Flask example)
from flask import Flask, request, jsonify
app = Flask(__name__)
CORS_CONFIG = {
"allowed_origins": ["https://example.com", "https://app.example.com"],
"allowed_methods": ["GET", "POST", "PUT", "DELETE", "OPTIONS"],
"allowed_headers": ["Content-Type", "Authorization", "X-Requested-With"],
"allow_credentials": True,
"max_age": 86400,
}
def add_cors_headers(response, origin):
allowed = CORS_CONFIG["allowed_origins"]
if origin in allowed or "*" in allowed:
response.headers["Access-Control-Allow-Origin"] = origin
if CORS_CONFIG["allow_credentials"]:
response.headers["Access-Control-Allow-Credentials"] = "true"
response.headers["Access-Control-Allow-Methods"] = ", ".join(CORS_CONFIG["allowed_methods"])
response.headers["Access-Control-Allow-Headers"] = ", ".join(CORS_CONFIG["allowed_headers"])
response.headers["Access-Control-Max-Age"] = str(CORS_CONFIG["max_age"])
return response
@app.before_request
def handle_preflight():
if request.method == "OPTIONS":
response = app.make_default_options_response()
return add_cors_headers(response, request.headers.get("Origin", ""))
@app.after_request
def apply_cors(response):
origin = request.headers.get("Origin", "")
return add_cors_headers(response, origin)
@app.route("/api/data")
def data():
return jsonify({"message": "CORS configured successfully"})Comments & Feedback
Comments are powered by Giscus. Sign in with GitHub to leave a comment.