CORSとPreflight request 仕事でCORSとPreflight requestについてハマったので備忘録的に書いておきます Code Access-Control-Allow-Origin Responseの中にAccess-Control-Allow-Originをつけるとホワイトリスト的にHTTPリクエストを許可できる https://developer.mozilla.org/ja/docs/Web/HTTP/CORS#cors_を使用したリクエストとは 例: Pyramidでlocalhostからのアクセスを許可する場合、event.response.headers[["Access-Control-Allow-Origin"]]にOriginを書く def add_cors_to_response(event): response = event.respons
![PyramidでのCORSとPreflight request](https://cdn-ak-scissors.b.st-hatena.com/image/square/f4201d512a8c83f770ab184054a340c188867ceb/height=288;version=1;width=512/https%3A%2F%2Fres.cloudinary.com%2Fzenn%2Fimage%2Fupload%2Fs--xaOzEK3O--%2Fc_fit%252Cg_north_west%252Cl_text%3Anotosansjp-medium.otf_55%3APyramid%2525E3%252581%2525A7%2525E3%252581%2525AECORS%2525E3%252581%2525A8Preflight%252520request%252Cw_1010%252Cx_90%252Cy_100%2Fg_south_west%252Cl_text%3Anotosansjp-medium.otf_37%3APeacock%252Cx_203%252Cy_121%2Fg_south_west%252Ch_90%252Cl_fetch%3AaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL3plbm4tdXNlci11cGxvYWQvYXZhdGFyLzk2YjA3NjYwNGEuanBlZw%3D%3D%252Cr_max%252Cw_90%252Cx_87%252Cy_95%2Fv1627283836%2Fdefault%2Fog-base-w1200-v2.png)