njmattes
commented
8 years ago For the time being, I'm running the API behind uWSGI and NGINX, and adding this header in the NGINX configuration. It may be that we want to explicitly add it in the flask app so that it doesn't depend on the particulars of the deployment.
API responses need to include an Access-Control-Allow-Origin header (which can have the value *) in order to support cross domain access from the ATLAS domain.