{ "info": { "author": "Otto Yiu", "author_email": "otto@live.ca", "bugtrack_url": null, "classifiers": [ "Development Status :: 5 - Production/Stable", "Environment :: Web Environment", "Framework :: Django", "Intended Audience :: Developers", "License :: OSI Approved :: MIT License", "Operating System :: OS Independent", "Programming Language :: Python", "Programming Language :: Python :: 2", "Programming Language :: Python :: 2.6", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.2", "Programming Language :: Python :: 3.3", "Programming Language :: Python :: 3.4", "Topic :: Software Development :: Libraries :: Application Frameworks", "Topic :: Software Development :: Libraries :: Python Modules" ], "description": "django-cors-headers-multi\r\n=========================\r\n\r\nA Django App that adds CORS (Cross-Origin Resource Sharing) headers to responses.\r\n\r\nAlthough JSON-P is useful, it is strictly limited to GET requests. CORS builds on top of XmlHttpRequest to allow developers to make cross-domain requests, similar to same-domain requests. Read more about it here: [http://www.html5rocks.com/en/tutorials/cors/ ](http://www.html5rocks.com/en/tutorials/cors/)\r\n\r\n[![Build Status](https://travis-ci.org/ottoyiu/django-cors-headers.png?branch=master)](https://travis-ci.org/ottoyiu/django-cors-headers)\r\n\r\n## Setup ##\r\nInstall by downloading the source and running:\r\n\r\n> python setup.py install\r\n\r\nor\r\n\r\n> pip install django-cors-headers-multi\r\n\r\nand then add it to your installed apps:\r\n\r\n INSTALLED_APPS = (\r\n ...\r\n 'corsheaders',\r\n ...\r\n )\r\n\r\nYou will also need to add a middleware class to listen in on responses:\r\n\r\n MIDDLEWARE_CLASSES = (\r\n ...\r\n 'corsheaders.middleware.CorsMiddleware',\r\n 'django.middleware.common.CommonMiddleware',\r\n ...\r\n )\r\n\r\nNote that `CorsMiddleware` needs to come before Django's `CommonMiddleware` if you are using Django's `USE_ETAGS = True` setting, otherwise the CORS headers will be lost from the 304 not-modified responses, causing errors in some browsers.\r\n\r\n## Configuration ##\r\n\r\nAdd hosts that are allowed to do cross-site requests to `CORS_ORIGIN_WHITELIST` or set `CORS_ORIGIN_ALLOW_ALL` to `True` to allow all hosts.\r\n\r\n\r\n>CORS\\_ORIGIN\\_ALLOW\\_ALL: if True, the whitelist will not be used and all origins will be accepted\r\n\r\n Default:\r\n\r\n CORS_ORIGIN_ALLOW_ALL = False\r\n\r\n>CORS\\_ORIGIN\\_WHITELIST: specify a list of origin hostnames that are authorized to make a cross-site HTTP request\r\n\r\n Example:\r\n\r\n CORS_ORIGIN_WHITELIST = (\r\n 'google.com',\r\n 'hostname.example.com'\r\n )\r\n\r\n\r\n Default:\r\n\r\n CORS_ORIGIN_WHITELIST = ()\r\n\r\n>CORS\\_ORIGIN\\_REGEX\\_WHITELIST: specify a regex list of origin hostnames that are authorized to make a cross-site HTTP request; Useful when you have a large amount of subdomains for instance.\r\n\r\n Example:\r\n\r\n CORS_ORIGIN_REGEX_WHITELIST = ('^(https?://)?(\\w+\\.)?google\\.com$', )\r\n\r\n\r\n Default:\r\n\r\n CORS_ORIGIN_REGEX_WHITELIST = ()\r\n\r\n\r\n---\r\n\r\n\r\nYou may optionally specify these options in settings.py to override the defaults. Defaults are shown below:\r\n\r\n\r\n>CORS\\_URLS\\_REGEX: specify a URL regex for which to enable the sending of CORS headers; Useful when you only want to enable CORS for specific URLs, e. g. for a REST API under ``/api/``.\r\n\r\n Example:\r\n\r\n CORS_URLS_REGEX = r'^/api/.*$'\r\n\r\n Default:\r\n\r\n CORS_URLS_REGEX = '^.*$'\r\n\r\n>CORS\\_ALLOW\\_METHODS: specify the allowed HTTP methods that can be used when making the actual request\r\n\r\n Default:\r\n\r\n CORS_ALLOW_METHODS = (\r\n 'GET',\r\n 'POST',\r\n 'PUT',\r\n 'PATCH',\r\n 'DELETE',\r\n 'OPTIONS'\r\n )\r\n\r\n>CORS\\_ALLOW\\_HEADERS: specify which non-standard HTTP headers can be used when making the actual request\r\n\r\n Default:\r\n\r\n CORS_ALLOW_HEADERS = (\r\n 'x-requested-with',\r\n 'content-type',\r\n 'accept',\r\n 'origin',\r\n 'authorization',\r\n 'x-csrftoken'\r\n )\r\n\r\n>CORS\\_EXPOSE\\_HEADERS: specify which HTTP headers are to be exposed to the browser\r\n\r\n Default:\r\n\r\n CORS_EXPOSE_HEADERS = ()\r\n\r\n>CORS\\_PREFLIGHT\\_MAX\\_AGE: specify the number of seconds a client/browser can cache the preflight response\r\n\r\n Note: A preflight request is an extra request that is made when making a \"not-so-simple\" request (eg. content-type is not application/x-www-form-urlencoded) to determine what requests the server actually accepts. Read more about it here: [http://www.html5rocks.com/en/tutorials/cors/](http://www.html5rocks.com/en/tutorials/cors/)\r\n\r\n Default:\r\n\r\n CORS_PREFLIGHT_MAX_AGE = 86400\r\n\r\n>CORS\\_ALLOW\\_CREDENTIALS: specify whether or not cookies are allowed to be included in cross-site HTTP requests (CORS).\r\n\r\n Default:\r\n\r\n CORS_ALLOW_CREDENTIALS = False\r\n\r\n>CORS\\_REPLACE\\_HTTPS\\_REFERER: specify whether to replace the HTTP_REFERER header if CORS checks pass so that CSRF django middleware checks will work with https\r\n\r\n Note: With this feature enabled, you also need to add the corsheaders.middleware.CorsPostCsrfMiddleware after django.middleware.csrf.CsrfViewMiddleware to undo the header replacement\r\n\r\n Default:\r\n\r\n CORS_REPLACE_HTTPS_REFERER = False\r\n\r\n>CORS\\_ENDPOINT\\_OVERRIDES: a list of (regex, override) pairs that override settings for certain URLs.\r\n\r\n Example:\r\n\r\n CORS_ENDPOINT_OVERRIDES = [\r\n (r'/api/user/.*$', {\r\n 'CORS_ORIGIN_WHITELIST': ['https://secure.mydomain.com'],\r\n }),\r\n (r'/api/public/.*$', {\r\n 'CORS_ORIGIN_ALLOW_ALL': True,\r\n }),\r\n ]\r\n\r\n Default:\r\n\r\n CORS_ENDPOINT_OVERRIDES = []\r\n\r\n## Changelog ##\r\nv0.13 and onwards - [Release Notes](https://github.com/ottoyiu/django-cors-headers/releases)\r\n\r\nv0.12 - Added an option to selectively enable CORS only for specific URLs\r\n\r\nv0.11 - Added the ability to specify a regex for whitelisting many origin hostnames at once\r\n\r\nv0.10 - Introduced port distinction for origin checking; use ``urlparse`` for Python 3 support; added testcases to project\r\n\r\nv0.06 - Add support for exposed response headers\r\n\r\nv0.05 - fixed middleware to ensure correct response for CORS preflight requests\r\n\r\nv0.04 - add Access-Control-Allow-Credentials control to simple requests\r\n\r\nv0.03 - bugfix (repair mismatched default variable names)\r\n\r\nv0.02 - refactor/pull defaults into separate file\r\n\r\nv0.01 - initial release\r\n\r\n## Credits ##\r\nA shoutout to everyone who has contributed:\r\n\r\n- Otto Yiu - [@ottoyiu](https://github.com/ottoyiu)\r\n- Michael Tom-Wing - [@mtomwing](https://github.com/mtomwing)\r\n- Darrin Massena - [@darrinm](https://github.com/darrinm)\r\n- Paul Dufour - [@pdufour](https://github.com/pdufour)\r\n- Lukasz Balcerzak - [@lukaszb](https://github.com/lukaszb)\r\n- Keita Oouchi - [@keitaoouchi](https://github.com/keitaoouchi)\r\n- Orlando Pozo - [@opozo](https://github.com/opozo)\r\n- Toran Billups - [@toranb](https://github.com/toranb)\r\n- Raymond Penners - [@pennersr](https://github.com/pennersr)\r\n- Markus Kaiserswerth - [@mkai](https://github.com/mkai)\r\n- and many others! - [Contributors](https://github.com/ottoyiu/django-cors-headers/graphs/contributors)\r\n", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/mstriemer/django-cors-headers", "keywords": "django cors middleware rest api", "license": "MIT License", "maintainer": null, "maintainer_email": null, "name": "django-cors-headers-multi", "package_url": "https://pypi.org/project/django-cors-headers-multi/", "platform": "any", "project_url": "https://pypi.org/project/django-cors-headers-multi/", "project_urls": { "Download": "UNKNOWN", "Homepage": "https://github.com/mstriemer/django-cors-headers" }, "release_url": "https://pypi.org/project/django-cors-headers-multi/1.2.0/", "requires_dist": null, "requires_python": null, "summary": "django-cors-headers is a Django application for handling the server headers required for Cross-Origin Resource Sharing (CORS).", "version": "1.2.0" }, "last_serial": 2103136, "releases": { "1.2.0": [ { "comment_text": "", "digests": { "md5": "e56e5aa2f254fa4020cda5ec80f9af58", "sha256": "c40f17823aa59df3c064234cdc890c56667b5db1ea6aac0172c949dc5c42ed53" }, "downloads": -1, "filename": "django_cors_headers_multi-1.2.0-py2-none-any.whl", "has_sig": false, "md5_digest": "e56e5aa2f254fa4020cda5ec80f9af58", "packagetype": "bdist_wheel", "python_version": "2.7", "requires_python": null, "size": 7725, "upload_time": "2016-05-06T19:28:48", "url": "https://files.pythonhosted.org/packages/00/7b/00f5ec580b0abc42e7c94de7532626f982a8bb048d9a776aff1d359d23f5/django_cors_headers_multi-1.2.0-py2-none-any.whl" }, { "comment_text": "", "digests": { "md5": "846f002e23ca0dd295a313823c2c4b6b", "sha256": "ca1ccf9fd549fe5447e8ba1d49656582651cd7682f78f62a7cd0f912b9359968" }, "downloads": -1, "filename": "django-cors-headers-multi-1.2.0.tar.gz", "has_sig": false, "md5_digest": "846f002e23ca0dd295a313823c2c4b6b", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 8036, "upload_time": "2016-05-06T19:28:39", "url": "https://files.pythonhosted.org/packages/3d/f6/d634426841202ec9b9a878f2154b56e7fb7c4a0a48fcdd4e958c0046a3cc/django-cors-headers-multi-1.2.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "e56e5aa2f254fa4020cda5ec80f9af58", "sha256": "c40f17823aa59df3c064234cdc890c56667b5db1ea6aac0172c949dc5c42ed53" }, "downloads": -1, "filename": "django_cors_headers_multi-1.2.0-py2-none-any.whl", "has_sig": false, "md5_digest": "e56e5aa2f254fa4020cda5ec80f9af58", "packagetype": "bdist_wheel", "python_version": "2.7", "requires_python": null, "size": 7725, "upload_time": "2016-05-06T19:28:48", "url": "https://files.pythonhosted.org/packages/00/7b/00f5ec580b0abc42e7c94de7532626f982a8bb048d9a776aff1d359d23f5/django_cors_headers_multi-1.2.0-py2-none-any.whl" }, { "comment_text": "", "digests": { "md5": "846f002e23ca0dd295a313823c2c4b6b", "sha256": "ca1ccf9fd549fe5447e8ba1d49656582651cd7682f78f62a7cd0f912b9359968" }, "downloads": -1, "filename": "django-cors-headers-multi-1.2.0.tar.gz", "has_sig": false, "md5_digest": "846f002e23ca0dd295a313823c2c4b6b", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 8036, "upload_time": "2016-05-06T19:28:39", "url": "https://files.pythonhosted.org/packages/3d/f6/d634426841202ec9b9a878f2154b56e7fb7c4a0a48fcdd4e958c0046a3cc/django-cors-headers-multi-1.2.0.tar.gz" } ] }