The usual process for CORS is to put web2py behind nginx and configure nginx for CORS
On Tuesday, 16 April 2019 03:45:28 UTC-7, David Orme wrote: > > Hi, > > I'm running a static website from an S3 bucket that calls an API running > on web2py and I've run into a problem with CORS. I can update the headers > for API calls by editing the calls() controller: > > def call(): > """ > exposes services. for example: > http://..../[app]/default/call/jsonrpc > decorate with @services.jsonrpc the functions to expose > supports xml, json, xmlrpc, jsonrpc, amfrpc, rss, csv > """ > > > # Set response headers > response.headers['Pragma'] = None > response.headers['Access-Control-Allow-Origin'] = '*' > response.headers['Access-Control-Allow-Headers'] = 'Content-Type' > response.headers['Access-Control-Allow-Methods'] = 'GET, OPTIONS' > > > # Dump the session to remove Set-Cookie > session.forget(response) > > > return service() > > > What I can't figure out how to do is to provide those headers for some > static resources. I could wrap them up in a service and cache them, but is > there a way to preserve the existing path and adjust the CORS headers? A > quick look at gluon/main.py makes it seem tricky, but there are a lot of > moving parts in there! > > Cheers, > David > > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.