Skip to content

Commit

Permalink
Update Api docs for credentialed requests (#221)
Browse files Browse the repository at this point in the history
  • Loading branch information
jodiwaljay authored Aug 30, 2020
1 parent 522d989 commit 91babb9
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions docs/api.rst
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,9 @@ cross origins, simply set the `supports_credentials` option to `True`. E.G.
def helloWorld():
return "Hello, %s" % session['username']
The above code enables Flask backend to accept cookies to be submitted from cross origin sites. But if you are sending Xhr requests (ajax calls) to a cross-origin server, by default chrome or any modern browser won't send cookies and session with the request. You should use ``withCredentials = True`` while sending Xhr request to enable that. You should keep in mind about the necessary security concerns. Related MDN doc: https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials

Using `CORS` with Blueprints
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Expand Down

0 comments on commit 91babb9

Please sign in to comment.