SOP / CORS
Same-Origin Policy / Cross-Origin Resource Sharing

An HTTPS server with CORS header accepting connections from any domain in Flask:
cors.py
from flask import Flask, send_file
from flask_cors import CORS
app = Flask(__name__)
CORS(app)
@app.route('/xss.js', methods=['GET'])
def xss():
return send_file('./xss.js', download_name='xss.js')
# openssl req -x509 -newkey rsa:4096 -nodes -out cert.pem -keyout key.pem -days 365
app.run(host='0.0.0.0', port=443, ssl_context=('cert.pem', 'key.pem'))
Last modified 5mo ago
Copy link