Added CORS headers

irgalamarr · Dec 17, 2023 · d9b1905 · d9b1905
1 parent eb6daf3
commit d9b1905
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 3 deletions.
diff --git a/requirements.txt b/requirements.txt
@@ -27,6 +27,5 @@ coverage==6.3.2
 
 # Utilities
 httpie==3.2.1
-
-# Security
-Flask-Talisman
+flask-talisman
+Flask-Cors
diff --git a/service/__init__.py b/service/__init__.py
@@ -7,6 +7,7 @@
 import sys
 from flask import Flask
 from flask_talisman import Talisman
+from flask_cors import CORS
 from service import config
 from service.common import log_handlers
 
@@ -15,6 +16,7 @@
 app.config.from_object(config)
 
 talisman = Talisman(app)
+CORS(app)
 
 # Import the routes After the Flask app is created
 # pylint: disable=wrong-import-position, cyclic-import, wrong-import-order

diff --git a/tests/test_routes.py b/tests/test_routes.py
@@ -187,3 +187,10 @@ def test_security_headers(self):
         }
         for key, value in headers.items():
             self.assertEqual(response.headers.get(key), value)
+
+    def test_cors_security(self):
+        """It should return a CORS header"""
+        response = self.client.get('/', environ_overrides=HTTPS_ENVIRON)
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        # Check for the CORS header
+        self.assertEqual(response.headers.get('Access-Control-Allow-Origin'), '*')