happyz
/
fastapi
mirror of https://github.com/tiangolo/fastapi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

remove allow_credentials

This commit is contained in:
Flavius Raducu 2025-10-05 22:45:12 +01:00
parent cbbaeff4f9
commit b58ed871d3
No known key found for this signature in database
2 changed files with 3 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs_src/cors/tutorial001.py
View File

@ -13,9 +13,8 @@ origins = [
app.add_middleware( app.add_middleware(
CORSMiddleware, CORSMiddleware,
allow_origins=origins, allow_origins=origins,
allow_credentials=True, allow_methods=["*"],
allow_methods=["GET"], allow_headers=["*"],
allow_headers=["Authorization", "X-Example"],
) )

6
tests/test_tutorial/test_cors/test_tutorial001.py
View File

@ -18,11 +18,7 @@ def test_cors():
response.headers["access-control-allow-origin"] response.headers["access-control-allow-origin"]
== "https://localhost.tiangolo.com" == "https://localhost.tiangolo.com"
) )
assert response.headers["access-control-allow-headers"] == ( assert response.headers["access-control-allow-headers"] == "X-Example"
"Accept, Accept-Language, "
"Authorization, Content-Language, "
"Content-Type, X-Example"
)
# Test standard response # Test standard response
headers = {"Origin": "https://localhost.tiangolo.com"} headers = {"Origin": "https://localhost.tiangolo.com"}