Metadata-Version: 2.1
Name: wsgicors
Version: 0.4.1
Summary: WSGI for Cross Origin Resource Sharing (CORS)
Home-page: https://github.com/may-day/wsgicors
Author: Norman Krämer
Author-email: kraemer.norman@googlemail.com
License: Apache Software License 2.0
Keywords: wsgi,cors
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 3
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: Web Environment
Classifier: Intended Audience :: Developers
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Classifier: Topic :: Internet :: WWW/HTTP :: WSGI
License-File: AUTHORS.rst

wsgicors |buildstatus|
========

.. |buildstatus| image:: https://travis-ci.org/may-day/wsgicors.svg?branch=master

This is a WSGI middleware that answers CORS preflight requests and adds
the needed header to the response. For CORS see:
http://www.w3.org/TR/cors/

Usage
-----

Either plug it in programmatically as in this pyramid example:

.. code:: python


    def app(global_config, **settings):
        """ This function returns a WSGI application.
        
        It is usually called by the PasteDeploy framework during 
        ``paster serve``.
        """

        def get_root(request):
            return {}

        config = Configurator(root_factory=get_root, settings=settings)
        config.begin()
        # whatever it takes to config your app goes here
        config.end()

        from wsgicors import CORS
        return CORS(config.make_wsgi_app(), headers="*", methods="*", maxage="180", origin="*")

or plug it into your wsgi pipeline via paste ini to let it serve by
waitress for instance:

::

    [app:myapp]
    use = egg:mysuperapp#app

    ###
    # wsgi server configuration
    ###

    [server:main]
    use = egg:waitress#main
    host = 0.0.0.0
    port = 6543

    [pipeline:main]
    pipeline =
        cors
        myapp

    [filter:cors]
    use = egg:wsgicors#middleware
    policy=free
    free_origin=copy
    free_headers=*
    free_methods=*
    free_maxage=180

    policy=subdom
    subdom_origin=example.com example2.com *.example.com
    subdom_headers=*
    subdom_methods=*
    subdom_maxage=180

Keywords are:

-  ``origin``
-  ``headers``
-  ``methods``
-  ``credentials``
-  ``maxage``

for ``origin``:

-  use ``copy`` which will copy whatever origin the request comes from
-  a space separated list of hostnames - they can also contain wildcards
   like ``*`` or ``?`` (fnmatch lib is used for matching). If a match is
   found the original host is returned.
-  any other literal will be be copied verbatim (like ``*`` for instance
   to allow every source)

for ``headers``:

-  use ``*`` which will allow whatever header is asked for
-  any other literal will be be copied verbatim (like ``*`` for instance
   to allow every source)

for ``methods``:

-  use ``*`` which will allow whatever method is asked for
-  any other literal will be be copied verbatim (like
   ``POST, PATCH, PUT, DELETE`` for instance)

for ``credentials``:

-  use ``true``
-  anything else will be ignored (that is no response header for
   ``Access-Control-Allow-Credentials`` is sent)

for ``maxage``:

-  give the number of seconds the answer can be used by a client,
   anything nonempty will be copied verbatim

As can be seen in the example above, a policy needs to be created with
the ``policy`` keyword. The options need then be prefixed with the
policy name and a ``_``.


Changes
=======

Version 0.4.1
-------------

-  py3 utf-8 related setup fixes

Version 0.4
-----------

-  python3 compatibility

Version 0.3
-----------

-  ``origin`` now takes space separated list of hostnames. They can be
   filename patterns like \*.domain.tld

Version 0.2
-----------

-  Access-Control-Allow-Credentials is now returned in the actual
   reponse if specified by policy



Credits
=======

“wsgicors” is written and maintained by Norman Krämer.


Contributors
------------

The following people contributed directly or indirectly to this project:

- `Julien De Vos <https://github.com/JDeVos>`_
- `Ryan Shaw <https://github.com/ryankshaw>`_
- `David Douard <https://github.com/douardda>`_

Please add yourself here when you submit your first pull request.
