问题:如何在Flask中设置响应头?
这是我的代码:
@app.route('/hello', methods=["POST"])
def hello():
resp = make_response()
resp.headers['Access-Control-Allow-Origin'] = '*'
return resp
但是,当我从浏览器向服务器发出请求时,出现此错误:
XMLHttpRequest cannot load http://localhost:5000/hello.
No 'Access-Control-Allow-Origin' header is present on the requested resource.
我也尝试过这种方法,在请求之后设置响应头:
@app.after_request
def add_header(response):
response.headers['Access-Control-Allow-Origin'] = '*'
return response
没有骰子。我犯了同样的错误。有没有一种方法可以只在route函数中设置响应头?这样的事情将是理想的:
@app.route('/hello', methods=["POST"])
def hello(response): # is this a thing??
response.headers['Access-Control-Allow-Origin'] = '*'
return response
但我还是找不到这样做。请帮忙。
编辑
如果我使用POST请求卷曲网址,如下所示:
curl -iX POST http://localhost:5000/hello
我得到这个回应:
HTTP/1.0 500 INTERNAL SERVER ERROR
Content-Type: text/html
Content-Length: 291
Server: Werkzeug/0.9.6 Python/2.7.6
Date: Tue, 16 Sep 2014 03:58:42 GMT
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>500 Internal Server Error</title>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.</p>
有任何想法吗?
This is my code:
@app.route('/hello', methods=["POST"])
def hello():
resp = make_response()
resp.headers['Access-Control-Allow-Origin'] = '*'
return resp
However, when I make a request from the browser to my server I get this error:
XMLHttpRequest cannot load http://localhost:5000/hello.
No 'Access-Control-Allow-Origin' header is present on the requested resource.
I have also tried this approach, setting the response headers “after” the request:
@app.after_request
def add_header(response):
response.headers['Access-Control-Allow-Origin'] = '*'
return response
No dice. I get the same error. Is there a way to just set the response headers in the route function? Something like this would be ideal:
@app.route('/hello', methods=["POST"])
def hello(response): # is this a thing??
response.headers['Access-Control-Allow-Origin'] = '*'
return response
but I cant find anyway to do this. Please help.
EDIT
if I curl the url with a POST request like so:
curl -iX POST http://localhost:5000/hello
I get this response:
HTTP/1.0 500 INTERNAL SERVER ERROR
Content-Type: text/html
Content-Length: 291
Server: Werkzeug/0.9.6 Python/2.7.6
Date: Tue, 16 Sep 2014 03:58:42 GMT
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>500 Internal Server Error</title>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.</p>
Any ideas?
回答 0
您可以很容易地做到这一点:
@app.route("/")
def home():
resp = flask.Response("Foo bar baz")
resp.headers['Access-Control-Allow-Origin'] = '*'
return resp
查看flask.Response和flask.make_response()
但是有些事情告诉我您还有另一个问题,因为after_request
应当也正确地处理了它。
编辑
我刚刚注意到您已经在使用make_response
它,这是执行此操作的方法之一。就像我之前说过的,after_request
应该也可以。尝试通过curl到达端点,看看标题是什么:
curl -i http://127.0.0.1:5000/your/endpoint
你应该看到
> curl -i 'http://127.0.0.1:5000/'
HTTP/1.0 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 11
Access-Control-Allow-Origin: *
Server: Werkzeug/0.8.3 Python/2.7.5
Date: Tue, 16 Sep 2014 03:47:13 GMT
注意Access-Control-Allow-Origin标头。
编辑2
正如我所怀疑的,您得到500,所以您没有按照您的想法设置标题。app.debug = True
在启动应用程序之前尝试添加,然后重试。您应该获得一些输出,以显示问题的根本原因。
例如:
@app.route("/")
def home():
resp = flask.Response("Foo bar baz")
user.weapon = boomerang
resp.headers['Access-Control-Allow-Origin'] = '*'
return resp
给出格式正确的html错误页面,该页面位于底部(有助于curl命令)
Traceback (most recent call last):
...
File "/private/tmp/min.py", line 8, in home
user.weapon = boomerang
NameError: global name 'boomerang' is not defined
You can do this pretty easily:
@app.route("/")
def home():
resp = flask.Response("Foo bar baz")
resp.headers['Access-Control-Allow-Origin'] = '*'
return resp
Look at flask.Response and flask.make_response()
But something tells me you have another problem, because the after_request
should have handled it correctly too.
EDIT
I just noticed you are already using make_response
which is one of the ways to do it. Like I said before, after_request
should have worked as well. Try hitting the endpoint via curl and see what the headers are:
curl -i http://127.0.0.1:5000/your/endpoint
You should see
> curl -i 'http://127.0.0.1:5000/'
HTTP/1.0 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 11
Access-Control-Allow-Origin: *
Server: Werkzeug/0.8.3 Python/2.7.5
Date: Tue, 16 Sep 2014 03:47:13 GMT
Noting the Access-Control-Allow-Origin header.
EDIT 2
As I suspected, you are getting a 500 so you are not setting the header like you thought. Try adding app.debug = True
before you start the app and try again. You should get some output showing you the root cause of the problem.
For example:
@app.route("/")
def home():
resp = flask.Response("Foo bar baz")
user.weapon = boomerang
resp.headers['Access-Control-Allow-Origin'] = '*'
return resp
Gives a nicely formatted html error page, with this at the bottom (helpful for curl command)
Traceback (most recent call last):
...
File "/private/tmp/min.py", line 8, in home
user.weapon = boomerang
NameError: global name 'boomerang' is not defined
回答 1
使用make_response
Flask之类的东西
@app.route("/")
def home():
resp = make_response("hello") #here you could use make_response(render_template(...)) too
resp.headers['Access-Control-Allow-Origin'] = '*'
return resp
从flask文档,
flask.make_response(* args)
有时有必要在视图中设置其他标题。由于视图不必返回响应对象,而是可以返回Flask本身将其转换为响应对象的值,因此向其添加标头变得很棘手。可以调用此函数而不是使用return,您将获得一个响应对象,可用于附加标题。
Use make_response
of Flask something like
@app.route("/")
def home():
resp = make_response("hello") #here you could use make_response(render_template(...)) too
resp.headers['Access-Control-Allow-Origin'] = '*'
return resp
From flask docs,
flask.make_response(*args)
Sometimes it is necessary to set additional headers in a view. Because views do not have to return response objects but can return a value that is converted into a response object by Flask itself, it becomes tricky to add headers to it. This function can be called instead of using a return and you will get a response object which you can use to attach headers.
回答 2
这对我有用
from flask import Flask
from flask import Response
app = Flask(__name__)
@app.route("/")
def home():
return Response(headers={'Access-Control-Allow-Origin':'*'})
if __name__ == "__main__":
app.run()
This work for me
from flask import Flask
from flask import Response
app = Flask(__name__)
@app.route("/")
def home():
return Response(headers={'Access-Control-Allow-Origin':'*'})
if __name__ == "__main__":
app.run()
回答 3
这就是在我的烧瓶应用程序中添加我的标头的方式,并且效果很好
@app.after_request
def add_header(response):
response.headers['X-Content-Type-Options'] = 'nosniff'
return response
This was how added my headers in my flask application and it worked perfectly
@app.after_request
def add_header(response):
response.headers['X-Content-Type-Options'] = 'nosniff'
return response
回答 4
我们可以在Flask应用程序上下文中使用以下命令在Python Flask应用程序中设置响应标头: flask.g
这种在Flask应用程序上下文中使用设置响应标头的方法flask.g
是线程安全的,可用于从任何应用程序文件设置自定义和动态属性,如果我们从任何帮助程序类设置自定义/动态响应标头,则该方法特别有用。也可以从任何其他文件(例如中间件等)进行访问,这flask.g
是全局的,仅对该请求线程有效。
说我是否要从正在从此应用程序调用的另一个api / http调用中读取响应标头,然后提取任何内容并将其设置为该应用程序的响应标头。
示例代码:文件: helper.py
import flask
from flask import request, g
from multidict import CIMultiDict
from asyncio import TimeoutError as HttpTimeout
from aiohttp import ClientSession
def _extract_response_header(response)
"""
extracts response headers from response object
and stores that required response header in flask.g app context
"""
headers = CIMultiDict(response.headers)
if 'my_response_header' not in g:
g.my_response_header= {}
g.my_response_header['x-custom-header'] = headers['x-custom-header']
async def call_post_api(post_body):
"""
sample method to make post api call using aiohttp clientsession
"""
try:
async with ClientSession() as session:
async with session.post(uri, headers=_headers, json=post_body) as response:
responseResult = await response.read()
_extract_headers(response, responseResult)
response_text = await response.text()
except (HttpTimeout, ConnectionError) as ex:
raise HttpTimeout(exception_message)
文件: middleware.py
import flask
from flask import request, g
class SimpleMiddleWare(object):
"""
Simple WSGI middleware
"""
def __init__(self, app):
self.app = app
self._header_name = "any_request_header"
def __call__(self, environ, start_response):
"""
middleware to capture request header from incoming http request
"""
request_id_header = environ.get(self._header_name)
environ[self._header_name] = request_id_header
def new_start_response(status, response_headers, exc_info=None):
"""
set custom response headers
"""
# set the request header as response header
response_headers.append((self._header_name, request_id_header))
# this is trying to access flask.g values set in helper class & set that as response header
values = g.get(my_response_header, {})
if values.get('x-custom-header'):
response_headers.append(('x-custom-header', values.get('x-custom-header')))
return start_response(status, response_headers, exc_info)
return self.app(environ, new_start_response)
从主类调用中间件
文件: main.py
from flask import Flask
import asyncio
from gevent.pywsgi import WSGIServer
from middleware import SimpleMiddleWare
app = Flask(__name__)
app.wsgi_app = SimpleMiddleWare(app.wsgi_app)
We can set the response headers in Python Flask application using Flask application context using flask.g
This way of setting response headers in Flask application context using flask.g
is thread safe and can be used to set custom & dynamic attributes from any file of application, this is especially helpful if we are setting custom/dynamic response headers from any helper class, that can also be accessed from any other file ( say like middleware, etc), this flask.g
is global & valid for that request thread only.
Say if i want to read the response header from another api/http call that is being called from this app, and then extract any & set it as response headers for this app.
Sample Code: file: helper.py
import flask
from flask import request, g
from multidict import CIMultiDict
from asyncio import TimeoutError as HttpTimeout
from aiohttp import ClientSession
def _extract_response_header(response)
"""
extracts response headers from response object
and stores that required response header in flask.g app context
"""
headers = CIMultiDict(response.headers)
if 'my_response_header' not in g:
g.my_response_header= {}
g.my_response_header['x-custom-header'] = headers['x-custom-header']
async def call_post_api(post_body):
"""
sample method to make post api call using aiohttp clientsession
"""
try:
async with ClientSession() as session:
async with session.post(uri, headers=_headers, json=post_body) as response:
responseResult = await response.read()
_extract_headers(response, responseResult)
response_text = await response.text()
except (HttpTimeout, ConnectionError) as ex:
raise HttpTimeout(exception_message)
file: middleware.py
import flask
from flask import request, g
class SimpleMiddleWare(object):
"""
Simple WSGI middleware
"""
def __init__(self, app):
self.app = app
self._header_name = "any_request_header"
def __call__(self, environ, start_response):
"""
middleware to capture request header from incoming http request
"""
request_id_header = environ.get(self._header_name)
environ[self._header_name] = request_id_header
def new_start_response(status, response_headers, exc_info=None):
"""
set custom response headers
"""
# set the request header as response header
response_headers.append((self._header_name, request_id_header))
# this is trying to access flask.g values set in helper class & set that as response header
values = g.get(my_response_header, {})
if values.get('x-custom-header'):
response_headers.append(('x-custom-header', values.get('x-custom-header')))
return start_response(status, response_headers, exc_info)
return self.app(environ, new_start_response)
Calling the middleware from main class
file : main.py
from flask import Flask
import asyncio
from gevent.pywsgi import WSGIServer
from middleware import SimpleMiddleWare
app = Flask(__name__)
app.wsgi_app = SimpleMiddleWare(app.wsgi_app)