Description
The Flask application in api/index.py has no CORS (Cross-Origin Resource Sharing) middleware configured. If the frontend is ever served from a different origin than the API, cross-origin requests will be blocked by browsers.
Suggested Fix
Add Flask-CORS:
from flask_cors import CORS
app = Flask(__name__)
CORS(app, origins=['https://your-domain.com'])
Or if same-origin is guaranteed, document this assumption.
Context
Found during code review of PR #522.
Description
The Flask application in
api/index.pyhas no CORS (Cross-Origin Resource Sharing) middleware configured. If the frontend is ever served from a different origin than the API, cross-origin requests will be blocked by browsers.Suggested Fix
Add Flask-CORS:
Or if same-origin is guaranteed, document this assumption.
Context
Found during code review of PR #522.