U
|
����§N®d���ã��������������������@���sj���d�Z�d�d�l�Z�d�d�l�m�Z���d�d�l�m�Z���d�d�l�m�Z�m�Z�m Z m
|
Z
|
m�Z�m�Z���e� e�¡�Z�G�d�d��d�e��Z�d d
|
�Z�d�S�)�zý
|
extension
|
~~~~
|
Flask-CORS is a simple extension to Flask allowing you to support cross
|
origin resource sharing (CORS) using a simple decorator.
|
|
:copyright: (c) 2016 by Cory Dolphin.
|
:license: MIT, see LICENSE for more details.
|
é����N)�Ú�unquote_plus)�Ú�requesté����)�Ú�parse_resourcesÚ�get_cors_optionsÚ�get_regexp_patternÚ
|
ACL_ORIGINÚ try_matchÚ�set_cors_headersc��������������������@���s"���e�Z�d�Z�d�Z�d�d�d��Z�d�d��Z�d�S�)�Ú�CORSa+���
|
Initializes Cross Origin Resource sharing for the application. The
|
arguments are identical to :py:func:`cross_origin`, with the addition of a
|
`resources` parameter. The resources parameter defines a series of regular
|
expressions for resource paths to match and optionally, the associated
|
options to be applied to the particular resource. These options are
|
identical to the arguments to :py:func:`cross_origin`.
|
|
The settings for CORS are determined in the following order
|
|
1. Resource level settings (e.g when passed as a dictionary)
|
2. Keyword argument settings
|
3. App level configuration settings (e.g. CORS_*)
|
4. Default settings
|
|
Note: as it is possible for multiple regular expressions to match a
|
resource path, the regular expressions are first sorted by length,
|
from longest to shortest, in order to attempt to match the most
|
specific regular expression. This allows the definition of a
|
number of specific resource options, with a wildcard fallback
|
for all other resources.
|
|
:param resources:
|
The series of regular expression and (optionally) associated CORS
|
options to be applied to the given resource path.
|
|
If the argument is a dictionary, it's keys must be regular expressions,
|
and the values must be a dictionary of kwargs, identical to the kwargs
|
of this function.
|
|
If the argument is a list, it is expected to be a list of regular
|
expressions, for which the app-wide configured options are applied.
|
|
If the argument is a string, it is expected to be a regular expression
|
for which the app-wide configured options are applied.
|
|
Default : Match all and apply app-level configuration
|
|
:type resources: dict, iterable or string
|
|
:param origins:
|
The origin, or list of origins to allow requests from.
|
The origin(s) may be regular expressions, case-sensitive strings,
|
or else an asterisk.
|
|
:note: origins must include the schema and the port (if not port 80),
|
e.g.,
|
`CORS(app, origins=["http://localhost:8000", "https://example.com"])`.
|
|
Default : '*'
|
:type origins: list, string or regex
|
|
:param methods:
|
The method or list of methods which the allowed origins are allowed to
|
access for non-simple requests.
|
|
Default : [GET, HEAD, POST, OPTIONS, PUT, PATCH, DELETE]
|
:type methods: list or string
|
|
:param expose_headers:
|
The header or list which are safe to expose to the API of a CORS API
|
specification.
|
|
Default : None
|
:type expose_headers: list or string
|
|
:param allow_headers:
|
The header or list of header field names which can be used when this
|
resource is accessed by allowed origins. The header(s) may be regular
|
expressions, case-sensitive strings, or else an asterisk.
|
|
Default : '*', allow all headers
|
:type allow_headers: list, string or regex
|
|
:param supports_credentials:
|
Allows users to make authenticated requests. If true, injects the
|
`Access-Control-Allow-Credentials` header in responses. This allows
|
cookies and credentials to be submitted across domains.
|
|
:note: This option cannot be used in conjunction with a '*' origin
|
|
Default : False
|
:type supports_credentials: bool
|
|
:param max_age:
|
The maximum time for which this CORS request maybe cached. This value
|
is set as the `Access-Control-Max-Age` header.
|
|
Default : None
|
:type max_age: timedelta, integer, string or None
|
|
:param send_wildcard: If True, and the origins parameter is `*`, a wildcard
|
`Access-Control-Allow-Origin` header is sent, rather than the
|
request's `Origin` header.
|
|
Default : False
|
:type send_wildcard: bool
|
|
:param vary_header:
|
If True, the header Vary: Origin will be returned as per the W3
|
implementation guidelines.
|
|
Setting this header when the `Access-Control-Allow-Origin` is
|
dynamically generated (e.g. when there is more than one allowed
|
origin, and an Origin than '*' is returned) informs CDNs and other
|
caches that the CORS headers are dynamic, and cannot be cached.
|
|
If False, the Vary header will never be injected or altered.
|
|
Default : True
|
:type vary_header: bool
|
Nc��������������������K���s ���|�|�_�|�d�k r�|�j�|�f�|����d�S�©�N)�Ú�_optionsÚ�init_app)�Ú�selfÚ�appÚ�kwargs©�r����úKd:\z\workplace\vscode\pyvenv\venv\Lib\site-packages\flask_cors/extension.pyÚ�__init__���s����������z CORS.__init__c������������������������s���t��|�j�|���t�� �d�¡��}���f�d�d��|�D��}�d�d��|�D��}�t� �d�|�¡���t�|���� ��¡���� �d�d�¡�r��f�d d
|
�}�t��d��r|��j ��_ |��j
|
��_
|
d�S�)�NÚ resourcesc������������������������s ���g�|�]�\�}�}�|�t���|��f��q�S�r����)�r����©�Ú�.0Ú�patternÚ�opts)�r����Ú�optionsr����r����Ú
|
<listcomp>���s�������ÿz!CORS.init_app.<locals>.<listcomp>c��������������������S���s����i�|�]�\�}�}�t�|��|��q�S�r����)�r����r����r����r����r����Ú
|
<dictcomp>¥���s����������z!CORS.init_app.<locals>.<dictcomp>z#Configuring CORS with resources: %sZ�intercept_exceptionsTc������������������������s�������f�d�d��}�|�S�)�Nc������������������������s������ ��|�|��¡��S�r����)�Z make_response)�Ú�argsr����)�r����Ú�cors_after_requestÚ�fr����r����Ú�wrapped_function¯���s������zICORS.init_app.<locals>._after_request_decorator.<locals>.wrapped_functionr����)�r����r ���)�r����r����)�r����r����Ú�_after_request_decorator®���s��������z/CORS.init_app.<locals>._after_request_decoratorÚ�handle_exception)�r����r ���r����Ú�getÚ�LOGÚ�debugÚ�make_after_request_functionZ after_requestÚ�hasattrr"���Z�handle_user_exception)�r����r����r����r����Z�resources_humanr!���r����)�r����r����r����r����r�������s$������������þ��������
|
|
����ÿ�����ÿz CORS.init_app)�N)�Ú�__name__Ú
|
__module__�__qualname__�__doc__r����r����r����r����r����r����r��������s�������q
|
�r����c������������������������s�����f�d�d��}�|�S�)�Nc������������������������sx���|�j�d�k r$|�j� �t�¡�r$t� �d�¡���|�S�t�t�j��}��D�]6\�}�}�t�|�|��r2t� �d�t�j�t |��|�¡���t
|
|�|������qtq2t� �d�¡���|�S�)�Nz*CORS have been already evaluated, skippingz=Request to '%s' matches CORS resource '%s'. Using options: %sz�No CORS rule matches)�Ú�headersr#���r����r$���r%���r����r����Ú�pathr ���r����r
|
���)�Ú�respZ�normalized_pathZ res_regexZ�res_options©�r����r����r����r����º���s��������
|
|
|
��������ÿ��
|
|
�z7make_after_request_function.<locals>.cors_after_requestr����)�r����r����r����r/���r����r&���¹���s��������r&���)�r+���Ú�loggingÚ�urllib.parser����Z�flaskr����Ú�corer����r����r����r����r ���r
|
���Ú getLoggerr(���r$���Ú�objectr����r&���r����r����r����r����Ú�<module>����s����� ������
|
|
����
|
