remove allow_credentials

This commit is contained in:
Flavius Raducu 2025-10-05 22:45:12 +01:00
parent cbbaeff4f9
commit b58ed871d3
No known key found for this signature in database
2 changed files with 3 additions and 8 deletions

View File

@ -13,9 +13,8 @@ origins = [
app.add_middleware(
CORSMiddleware,
allow_origins=origins,
allow_credentials=True,
allow_methods=["GET"],
allow_headers=["Authorization", "X-Example"],
allow_methods=["*"],
allow_headers=["*"],
)

View File

@ -18,11 +18,7 @@ def test_cors():
response.headers["access-control-allow-origin"]
== "https://localhost.tiangolo.com"
)
assert response.headers["access-control-allow-headers"] == (
"Accept, Accept-Language, "
"Authorization, Content-Language, "
"Content-Type, X-Example"
)
assert response.headers["access-control-allow-headers"] == "X-Example"
# Test standard response
headers = {"Origin": "https://localhost.tiangolo.com"}