Cross Posting Forms

25 January 2013

My application has 2 different components. An API written in Flask and a JS Application using AngularJS and these are served from different locations/domains. So the API needed to implement HTTP Access Controls CORS to allow the requests from different domains.

For the API, I used the following view decorator and I also added

f.required_methods = ['OPTIONS']

to the decorator function as suggested in the comments. I then implemented the decorator in the following manner;

@app.route("/login", methods=['POST')
@crossdomain(origin='*', headers='origin, x-requested-with, content-type, accept')
def login():
    ...<snip>...

Once that was done the calls from the JS Applicatin worked.

To improve things, I’ll probably move the headers param into the decorator function and make it a default rather than having to type it every time.