Skip to content

Missing CORS middleware on Flask app #576

New issue
New issue
Open
Open
Missing CORS middleware on Flask app#576
Labels
enhancementNew feature or request
@gkorland

Description

@gkorland
gkorland
opened on Mar 10, 2026

Description

The Flask application in api/index.py has no CORS (Cross-Origin Resource Sharing) middleware configured. If the frontend is ever served from a different origin than the API, cross-origin requests will be blocked by browsers.

Suggested Fix

Add Flask-CORS:

from flask_cors import CORS
app = Flask(__name__)
CORS(app, origins=['https://your-domain.com'])

Or if same-origin is guaranteed, document this assumption.

Context

Found during code review of PR #522.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions