I have an API using Flask, Flask-SQLAlchemy and Flask-Restless, and I'm trying to make POST / PUT / DELETE requests with javascript (backbone.js, to be precise). However, I constantly encounter CORS errors - everything except GET returns an HTTP-OPTIONS 501 Not Implemented Error in the browser.
At first I tried to add the least restrictive CORS headers for all the answers:
@app.after_request def after(response): response.headers.add('Access-Control-Allow-Origin', '*') response.headers.add('Access-Control-Allow-Methods', 'POST, GET, PUT, PATCH, DELETE, OPTIONS') response.headers.add('Access-Control-Allow-Headers', 'Content-Type, X-Requested-With') response.headers.add('Access-Control-Max-Age', '1728000') return response
CORS seems to fail when the Content-Type header of the request was set to application / json (as the API requires), so a quick hack was made to get everything working:
@app.before_request def before(): request.environ['CONTENT_TYPE'] = 'application/json'
However, everything except POST still does not work. In addition, gevent logging is enabled, but OPTIONS requests are never logged (which I think is CORS pre-sale material), even if the browser shows that they do not work with 501.
Do I need to change something in gevent or Flask in order to get CORS to work?
Edit: Running the API using the built-in flash server works, so the problem with gevent is here, but I cannot find much in the way of the documents ...