Closed Tonkonozhenko closed 5 years ago
Ahh, yes. You are entirely correct. We depend on mutating the response object to know
whether or not CORS has been evaluated to ensure the decorator and the app-level middleware do not "fight". There may be a better way to handle this, but currently that is what we do, sadly.
Similarly, we mutate the headers dictionary, so reuse at that layer would cause problems as well. We could defensively copy, but that doesn't seem like a common pattern in Python.
Hi
We have a high-load service with like ~50rps on each container. In the app I have next endpoint:
I run the app in env with
GUNICORN_CMD_ARGS="-b 0.0.0.0:80 --workers 2 --threads 10"
.It looks like result of
Access-Control-Allow-Origin
is incorrect and it relates to the previous or other concurrent request.While writing the issue I realized that probably it's because of building Response outside of the action. WDYT about this?
Thanks, Alex