# Flask CORS *** **1. Enabling CORS for All Origins:** ```python from flask import Flask, jsonify from flask_cors import CORS app = Flask(__name__) CORS(app) @app.route('/api') def api(): return jsonify({'message': 'Hello, world!'}) ``` **2. Specifying Allowed Origins:** ```python from flask import Flask, jsonify from flask_cors import CORS origins = ['http://localhost:3000', 'https://example.com'] app = Flask(__name__) CORS(app, origins=origins) @app.route('/api') def api(): return jsonify({'message': 'Hello, world!'}) ``` **3. Configuring CORS Headers:** ```python from flask import Flask, jsonify from flask_cors import CORS headers = ['Content-Type', 'Authorization'] app = Flask(__name__) CORS(app, headers=headers) @app.route('/api') def api(): return jsonify({'message': 'Hello, world!'}) ``` **4. Enabling CORS Preflight Requests:** ```python from flask import Flask, jsonify from flask_cors import CORS app = Flask(__name__) CORS(app, supports_credentials=True) @app.route('/api') def api(): return jsonify({'message': 'Hello, world!'}) ``` **5. Exposing Headers in CORS Preflight Responses:** ```python from flask import Flask, jsonify from flask_cors import CORS headers = ['X-Custom-Header'] app = Flask(__name__) CORS(app, expose_headers=headers) @app.route('/api') def api(): return jsonify({'message': 'Hello, world!'}) ``` **6. Customizing CORS Cache Control:** ```python from flask import Flask, jsonify from flask_cors import CORS app = Flask(__name__) CORS(app, max_age=3600) @app.route('/api') def api(): return jsonify({'message': 'Hello, world!'}) ``` **7. Automatically Setting CORS Headers:** ```python from flask import Flask, jsonify from flask_cors import cross_origin app = Flask(__name__) @app.route('/api') @cross_origin() def api(): return jsonify({'message': 'Hello, world!'}) ``` **8. Restricting CORS for Specific Routes:** ```python from flask import Flask, jsonify from flask_cors import CORS app = Flask(__name__) CORS(app, resources={r'/api/*': {'origins': 'http://localhost:3000'}}) @app.route('/api') def api(): return jsonify({'message': 'Hello, world!'}) ``` **9. Using CORS with Preflight Request Only:** ```python from flask import Flask, jsonify from flask_cors import CORS app = Flask(__name__) CORS(app, send_wildcard=True, automatic_options=True) @app.route('/api') def api(): return jsonify({'message': 'Hello, world!'}) ``` **10. Allowing CORS for Debugging:** ```python from flask import Flask, jsonify from flask_cors import CORS app = Flask(__name__) CORS(app, origins=['http://localhost:5000'], debug=True) @app.route('/api') def api(): return jsonify({'message': 'Hello, world!'}) ``` **11. Setting CORS Headers Based on Origin:** ```python from flask import Flask, jsonify from flask_cors import CORS origins = {'http://localhost:3000': {'headers': ['Content-Type', 'Authorization']}} app = Flask(__name__) CORS(app, origins=origins) @app.route('/api') def api(): return jsonify({'message': 'Hello, world!'}) ``` **12. Adding CORS Headers to Preflight Request:** ```python from flask import Flask, jsonify from flask_cors import CORS app = Flask(__name__) CORS(app, send_wildcard=True, automatic_options=True, max_age=3600) @app.route('/api') def api(): return jsonify({'message': 'Hello, world!'}) ``` **13. Excluding Preflight Requests:** ```python from flask import Flask, jsonify from flask_cors import CORS app = Flask(__name__) CORS(app, supports_credentials=True, automatic_options=False) @app.route('/api') def api(): return jsonify({'message': 'Hello, world!'}) ``` **14. Using CORS with RESTful API:** ```python from flask import Flask, request, jsonify from flask_cors import CORS app = Flask(__name__) CORS(app) @app.route('/api/', methods=['GET', 'PUT', 'DELETE']) def api(id): # Handle RESTful API requests if request.method == 'GET': return jsonify({'message': 'Get data for id: {}'.format(id)}) elif request.method == 'PUT': return jsonify({'message': 'Update data for id: {}'.format(id)}) elif request.method == 'DELETE': return jsonify({'message': 'Delete data for id: {}'.format(id)}) ``` **15. Configuring CORS for JWT Tokens:** ```python from flask import Flask, jsonify from flask_cors import CORS from jwt import encode, decode, ExpiredSignatureError app = Flask(__name__) CORS(app, supports_credentials=True) # Generate JWT token token = encode({'user': 'admin', 'exp': datetime.utcnow() + timedelta(minutes=30)}, 'secret', algorithm='HS256') @app.route('/api', methods=['GET']) def api(): if 'Authorization' not in request.headers: return jsonify({'error': 'Authorization header is missing'}), 401 token = request.headers['Authorization'].split()[1] try: data = decode(token, 'secret', algorithms=['HS256']) except ExpiredSignatureError: return jsonify({'error': 'Token has expired'}), 401 return jsonify({'data': 'Protected data'}) ``` **16. Enabling CORS with Basic Authentication:** ```python from flask import Flask, request, jsonify from flask_cors import CORS from werkzeug.security import check_password_hash app = Flask(__name__) CORS(app) # Check basic authentication credentials def basic_auth(username, password): return username == 'admin' and check_password_hash('pbkdf2:sha256:150000$tHu7N8dL$06541de2212ac9796d8577d7bb9d2a272678d1893a7448979344f31d0c15f784', password) @app.route('/api', methods=['GET']) def api(): if not request.authorization or not basic_auth(request.authorization.username, request.authorization.password): return jsonify({'error': 'Unauthorized'}), 401 return jsonify({'data': 'Protected data'}) ``` **17. Using CORS with Session Authentication:** ```python from flask import Flask, request, jsonify from flask_cors import CORS from flask_session import Session app = Flask(__name__) CORS(app) app.secret_key = 'secret' app.config['SESSION_TYPE'] = 'filesystem' Session(app) @app.route('/api', methods=['GET']) def api(): if not 'user' in session: session['user'] = 'admin' return jsonify({'data': 'Protected data'}) ``` **18. Enabling CORS for CSRF Protection:** ```python from flask import Flask, request, jsonify from flask_cors import CORS from flask_wtf.csrf import CSRFProtect app = Flask(__name__) CORS(app) csrf = CSRFProtect(app) @app.route('/api', methods=['POST']) def api(): if not csrf.validate_csrf(request.form.get('csrf_token')): return jsonify({'error': 'CSRF token is invalid'}), 403 # Handle data submission return jsonify({'message': 'Data submitted successfully'}) ``` **19. Using CORS with Celery Tasks:** ```python from celery import Celery from flask_cors import CORS app = Flask(__name__) app.config['CELERY_BROKER_URL'] = 'redis://localhost:6379' app.config['CELERY_RESULT_BACKEND'] = 'redis://localhost:6379' celery = Celery(app.name, broker=app.config['CELERY_BROKER_URL']) CORS(app) @celery.task def send_email(email): # Send email using a third-party library pass ``` **20. Enabling CORS for SocketIO:** ```python from flask_socketio import SocketIO from flask import Flask from flask_cors import CORS app = Flask(__name__) socketio = SocketIO(app, cors_allowed_origins='*') CORS(app) @socketio.on('message') def handle_message(data): # Handle incoming SocketIO messages pass ``` **21. Using CORS with React:** ```python from flask import Flask from flask_cors import CORS app = Flask(__name__) CORS(app) @app.route('/') def index(): return '''

Flask CORS Example

''' ``` **22. CORS with Angular:** ```python from flask import Flask from flask_cors import CORS app = Flask(__name__) CORS(app) @app.route('/') def index(): return '''

Flask CORS Example

''' ``` **23. CORS with Vue.js:** ```python from flask import Flask from flask_cors import CORS app = Flask(__name__) CORS(app) @app.route('/') def index(): return '''

Flask CORS Example

''' ``` **24. Using CORS with Axios:** ```python from flask import Flask from flask_cors import CORS import requests app = Flask(__name__) CORS(app) @app.route('/api') def api(): return requests.get('https://example.com/api').json() ``` **25. CORS with Fetch API:** ```python from flask import Flask from flask_cors import CORS app = Flask(__name__) CORS(app) @app.route('/api') def api(): return jsonify({'message': 'Hello from Flask!'}) ``` ```javascript fetch('http://localhost:5000/api', { headers: { 'Accept': 'application/json', 'Content-Type': 'application/json' } }) .then(res => res.json()) .then(data => console.log(data.message)) .catch(err => console.error(err)); ``` **26. Using CORS with JQuery:** ```python from flask import Flask from flask_cors import CORS app = Flask(__name__) CORS(app) @app.route('/api') def api(): return jsonify({'message': 'Hello from Flask!'}) ``` ```javascript $.ajax({ url: 'http://localhost:5000/api', type: 'GET', headers: { 'Accept': 'application/json', 'Content-Type': 'application/json' }, success: function(data) { console.log(data.message); }, error: function(err) { console.error(err); } }); ``` **27. Enabling CORS for PDF Generation:** ```python from flask import Flask, send_file from flask_cors import CORS from weasyprint import HTML app = Flask(__name__) CORS(app) @app.route('/pdf') def pdf(): html = HTML(string='

Hello from PDF!

').write_pdf() return send_file(html, mimetype='application/pdf') ``` **28. Using CORS for Image Processing:** ```python from flask import Flask, request, send_file from flask_cors import CORS from PIL import Image app = Flask(__name__) CORS(app) @app.route('/process', methods=['POST']) def process(): image = Image.open(request.files['image']) image = image.resize((128, 128)) output_buffer = BytesIO() image.save(output_buffer, format='JPEG') return send_file(output_buffer, mimetype='image/jpeg') ``` **29. CORS for Audio Streaming:** ```python from flask import Flask, send_file from flask_cors import CORS from io import BytesIO app = Flask(__name__) CORS(app) @app.route('/stream') def stream(): audio_file = BytesIO() # Generate audio data and write it to the buffer audio_file.seek(0) return send_file(audio_file, mimetype='audio/mp3') ``` **30. Using CORS for File Uploads:** ```python from flask import Flask, request from flask_cors import CORS import os app = Flask(__name__) CORS(app) @app.route('/upload', methods=['POST']) def upload(): file = request.files['file'] file.save(os.path.join('uploads', file.filename)) return 'File uploaded successfully' ``` **31. Enabling CORS for Chat Applications:** ```python from flask import Flask, request, jsonify from flask_cors import CORS from uuid import uuid4 app = Flask(__name__) CORS(app) users = {} @app.route('/connect') def connect(): user_id = str(uuid4()) users[user_id] = {'messages': []} return jsonify({'user_id': user_id}) @app.route('/message', methods=['POST']) def message(): data = request.get_json() user_id = data['user_id'] message = data['message'] users[user_id]['messages'].append(message) return jsonify({'status': 'OK'}) ``` **32. Using CORS for Location Tracking:** ```python from flask import Flask, request, jsonify from flask_cors import CORS app = Flask(__name__) CORS(app) @app.route('/location', methods=['POST']) def location(): data = request.get_json() latitude = data['latitude'] longitude = data['longitude'] # Process location data and store it in a database return jsonify({'status': 'OK'}) ``` **33. CORS for Real-Time Data Visualization:** ```python from flask import Flask, jsonify from flask_cors import CORS import random app = Flask(__name__) CORS(app) @app.route('/data') def data(): data = [random.randint(0, 100) for _ in range(10)] return jsonify({'data': data}) ``` ```javascript const socket = io.connect('http://localhost:5000'); socket.on('data', (data) => { console.log(data); }); ``` **34. Using CORS for Offline Storage:** ```python from flask import Flask, request, send_file from flask_cors import CORS import sqlite3 app = Flask(__name__) CORS(app) @app.route('/data') def data(): conn = sqlite3.connect('offline_data.db') cursor = conn.cursor() data = cursor.execute('SELECT * FROM data').fetchall() conn.close() return send_file('offline_data.db', as_attachment=True) ``` **35. CORS for Server-Sent Events (SSE):** ```python from flask import Flask, Response from flask_cors import CORS import time app = Flask(__name__) CORS(app) @app.route('/events') def events(): def generate_events(): while True: yield 'data: {}\n\n'.format(time.time()) time.sleep(1) return Response(generate_events(), mimetype='text/event-stream') ``` ```javascript const eventSource = new EventSource('http://localhost:5000/events'); eventSource.addEventListener('message', (event) => { console.log(event.data); }); ``` **36. Using CORS for Cloud Storage:** ```python from flask import Flask, send_file from flask_cors import CORS from google.cloud import storage app = Flask(__name__) CORS(app) @app.route('/file') def file(): client = storage.Client() bucket = client.bucket('my-bucket') blob = bucket.get_blob('my-file') return send_file(blob.download_as_bytes(), mimetype=blob.content_type) ```