Open ghost opened 6 years ago
Hey Luis,
CORS is only useful from a security perspective when the client is a web browser. Flask-CORS doesn’t itself block requests, but informs browsers of how a resource may be used.
If “external” means “from another domain” then CORS is right for you.
On Sun, Aug 5, 2018 at 2:06 PM luizsouzax notifications@github.com wrote:
Using
app = Flask(name)
CORS( oauth, resources={r'http://localhost:5000/api/*': {'origins': 'http://localhost:5000/'}} )
I blocked the external requests to Api Blueprint routes ? Using CORS to this purpose is adequate or I need to find another solution ?
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/corydolphin/flask-cors/issues/230, or mute the thread https://github.com/notifications/unsubscribe-auth/AAbRqVRFFksYpbiIGXS97wGAFXFNfX0cks5uN15kgaJpZM4VviR5 .
Using
I blocked the external requests to
/api/*
routes. Use CORS to this purpose is adequate or I need to find another solution to block external requests in some routes ?