I setup a simple flask application. I specified certain origins that i only want requests from. However, I can still access the resources from other hosts that are not inside this origins array
from flask import Flask
from flask_cors import CORS
from flask_limiter import Limiter
from flask_limiter.util import get_remote_address
# Network Information
HOST = '0.0.0.0'
PORT = 7000
# Setup Flask Web Application
app = Flask(__name__)
app.config['SECRET_KEY'] = 'helloewresfd'
app.config['CORS_HEADERS'] = 'Content-Type'
cors = CORS(app, resources={r"/foo": {"origins": ["http://localhost:8000", "http://mywebsite.example.com"]
}})
# Limit requests per Remote IP
limiter = Limiter(
app,
key_func=get_remote_address,
default_limits=["200 per day", "50 per hour"]
)
@app.route('/api/home', methods=['GET'])
def home():
return ('Test Request')
if __name__ == '__main__':
app.run(host=HOST, port=PORT)
Hi,
I setup a simple flask application. I specified certain origins that i only want requests from. However, I can still access the resources from other hosts that are not inside this origins array