Enable CORS in bottle python

To access data of the REST API from other domain API should have CORS enabled for the website. Like most of all framework Bottle by default does not set CORS header. To enable it, following decorator can be used:

from bottle import Bottle,response
def allow_cors(func):
""" this is a decorator which enable CORS for specified endpoint """
def wrapper(*args, **kwargs):
response.headers['Access-Control-Allow-Origin'] = 'example.com' # * in case you want to be accessed via any website
return func(*args, **kwargs)
return wrapper
#example usages in an API endpoint
app = Bottle()
@app.route("/endpoint/:id")
@allow_cors
def get_cakes_by_id():
# loading cakes by ID
return {"cakes": cakes}

view raw
cors.py
hosted with ❤ by GitHub

In the API response header “Access-Control-Allow-Origin” will be added. As per our example, it will be Access-Control-Allow-Origin: example.com.  To enable it for any website you can set it as “*”.   There is an interesting discussion whether to set it * or not.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.