Closed rgbkrk closed 7 years ago
:+1:
Do we only need to set the default value of Access-Control-Allow-Methods
to GET, PUT, POST, PATCH, DELETE, OPTIONS'
?
I think so.
@rgbkrk I got back into this. Adding the OPTIONS
to allow-methods did not do the trick.
curl -X OPTIONS https://tmpnb.org/api/spawn
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/tornado/web.py", line 1346, in _execute
result = method(*self.path_args, **self.path_kwargs)
File "/usr/local/lib/python2.7/dist-packages/tornado/web.py", line 225, in options
raise HTTPError(405)
HTTPError: HTTP 405: Method Not Allowed
We need to respond to OPTIONS requests with the CORS headers we care about. This was done in the main notebook.