CORS

To allow Cross Origin Resource Sharing (CORS), OpenAtlas API uses flask-cors. Every API route is decorated with

@cross_origin(origins=app.config['CORS_ALLOWANCE'], methods=['GET'])

For now, methods only should be 'GET', because the API should only provide data.
Origins point to a global variable, which can be changed in the instance/production.py. Default value:

 CORS_ALLOWANCE = '*'  

The value can be a case-sensitive string, for a single point of origin, a regex expression, a list or an asterisk (*) as wildcard.
Examples:

CORS_ALLOWANCE = 'https://thanados.net/'
CORS_ALLOWANCE = ['https://thanados.net/', 'https://openatlas.eu/']
CORS_ALLOWANCE = r'^((https?:\/\/)?.*?([\w\d-]*\.[\w\d]+))($|\/.*$)'

Links

https://flask-cors.readthedocs.io/