Skip to content

CORSConfig class

Reference for the CORSConfig class object and how to use it.

Read more about how to use the CORSConfig in your application and leverage the system.

How to import

from esmerald import CORSConfig


Bases: BaseModel

An instance of CORSConfig.

This configuration is passed to the CORSMiddleware and enables the middleware.


from esmerald import Esmerald
from esmerald.config import CSRFConfig

cors_config = CORSConfig(allow_origins=["*"])

app = Esmerald(cors_config=cors_config)

allow_origins class-attribute instance-attribute

allow_origins = ['*']

A list of origins that are allowed.

It is possible to allow all by passing '*' and also wildcards are are allowed.

Example: example.* or *

This option sets the 'Access-Control-Allow-Origin' header.

allow_methods class-attribute instance-attribute

allow_methods = ['*']

List of allowed HTTP verbs/methods.

This option sets the 'Access-Control-Allow-Methods' header.

allow_headers class-attribute instance-attribute

allow_headers = ['*']

List of allowed headers.

This option sets the 'Access-Control-Allow-Headers' header.

allow_credentials class-attribute instance-attribute

allow_credentials = False

Boolean flag indicating whether or not to set the 'Access-Control-Allow-Credentials' header.

allow_origin_regex class-attribute instance-attribute

allow_origin_regex = None

Regular expressio to match the origins against.

expose_headers class-attribute instance-attribute

expose_headers = []

List of headers that are exposed.

This option sets the 'Access-Control-Expose-Headers' header.

max_age class-attribute instance-attribute

max_age = 600

Response TTL caching in seconds.

This option sets the 'Access-Control-Max-Age' header.