Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

'Access-Control-Allow-Private-Network = true' header for http response #318

Merged
merged 1 commit into from
Apr 11, 2023

Conversation

chelo-kjml
Copy link

Google chrome browser (and I guess others too) are deprecating direct access to private network endpoints from public websites as part of the Private Network Access (PNA) specification.

Complete information here: https://developer.chrome.com/blog/private-network-access-preflight/

Please merge this change in order to add that header to responses. For now it is working on an ab test level, but is supposed to be released in a couple of google chrome versions.

@chelo-kjml
Copy link
Author

@corydolphin
Hey Cory, first of all thanks for this great library, it's a great addition to any flask application.

I just want you to know that I'm submitting this pull request about new preflight header google chrome is implementing, it would be great if you could release a new version of the library including it so we can use it from public python package index.

Thanks in advance.

@Sergio-Space
Copy link

I'm also facing this issue, this PR fixes it for me. @corydolphin is there any plan on merging?

@cristi8
Copy link

cristi8 commented Apr 11, 2023

Any plans on releasing a new version with this soon?
I guess a lot of people will have to have a local fork with this PR if this is not released soon.

@corydolphin corydolphin merged commit b2c4da1 into corydolphin:master Apr 11, 2023
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Sep 6, 2023
## 4.0.0
* Remove support for Python versions older than 3.8 by @WAKayser in corydolphin/flask-cors#330
* Add GHA tooling by @corydolphin in corydolphin/flask-cors#331

## 3.1.01
* Include examples to specify that schema and port must be included in … by @YPCrumble in corydolphin/flask-cors#294
* two small changes to the documentation, based on issue #290 by @bbbart in corydolphin/flask-cors#291
* Fix typo by @sunarch in corydolphin/flask-cors#304
* FIX: typo in CSRF by @sattamjh in corydolphin/flask-cors#315
* Test against recent Python versions by @pylipp in corydolphin/flask-cors#314
* Correct spelling mistakes by @EdwardBetts in corydolphin/flask-cors#311
* 'Access-Control-Allow-Private-Network = true' header for http response by @chelo-kjml in corydolphin/flask-cors#318
* docs: Fix a few typos by @timgates42 in corydolphin/flask-cors#323
* [Docs] Fix typo in configuration documentation by @sachit-shroff in corydolphin/flask-cors#316
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants