Hi guys,
I have a traversal based pyramid web app, there are controllers like this
@view_defaults(
context=UserResource,
renderer='json',
)
class UserController(ControllerBase):
@view_config(request_method='GET', permission='view')
def get(self):
user = self.context.entity
return user
@view_config(request_method='PUT', permission='update')
def put(self):
# update user here
return user
One problem I ran into was, I found out myself in need to add handler for
CORS preflight requests. The code above will be something like this
@view_defaults(
context=UserResource,
renderer='json',
)
class UserController(ControllerBase):
@view_config(request_method='OPTIONS', permission='options')
def options(self):
return Response(b'', headerlist=[
('Access-Control-Allow-Origin', 'http://localhost:8080'),
('Access-Control-Allow-Methods', 'POST'),
('Access-Control-Allow-Headers', 'Origin, Content-Type, Accept,
Authorization'),
])
# other code goes here
Turned out I will need to add a ton of these CORS handlers. Besides
handling this manually, I am thinking about deal with it programmatically.
I found out there are WSGI middleware like this one
https://github.com/may-day/wsgicors
Kind of able to do what I want, but still, it's not really ideal, as it
applies to the whole app. Sometimes, I want to have fine-grand control over
CORS for different endpoints.
For example, I may can define something like
@view_config(request_method='PUT', permission='update',
cors_allowed_origin='http://foobar.com')
def put(self):
# update user here
return user
see the "cors_allow_origin" I added to view_config for this put method.
There are also other things I can add.
I am thinking about using "Introspectable" API, enumerate all the view, and
define corresponding view via add_view method of config. Like this
def define_cors_views(config):
for view in config introspectable views:
some rules to determine what kind of preflight view to add
config.add_view # add the preflight request handler for the view
config.add_before_commit(define_cors_views)
Here comes the questions
- Is there a hook or what I can use on config, to put my code for
scanning views and adding corresponding views before commit?
- Is there any code sample similar to what I want to do, that I can
reference to?
- Is this scan and add views for preflight request approach the best way
to do with Pyramid? Any other better ideas?
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/pylons-discuss/18a4f9a5-d603-4011-932c-4491ce3740ba%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
