Ignore headers that trigger unintended CORS preflight requests

koenvo · Mar 30, 2023 · c9805e1 · c9805e1
1 parent 4ba4054
commit c9805e1
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 2 deletions.
diff --git a/pyodide_http/__init__.py b/pyodide_http/__init__.py
@@ -5,7 +5,7 @@
 except ImportError:
     _SHOULD_PATCH = False
 
-__version__ = "0.2.0"
+__version__ = "0.2.1"
 
 
 def patch_requests(continue_on_import_error: bool = False):

diff --git a/pyodide_http/_core.py b/pyodide_http/_core.py
@@ -8,6 +8,13 @@
 from ._streaming import send_streaming_request
 
 
+"""
+There are some headers that trigger unintended CORS preflight requests.
+See also https://github.com/koenvo/pyodide-http/issues/22
+"""
+HEADERS_TO_IGNORE = ("user-agent",)
+
+
 class _RequestError(Exception):
     def __init__(self, message=None, *, request=None, response=None):
         self.request = request
@@ -108,7 +115,8 @@ def send(request: Request, stream: bool = False) -> Response:
 
     xhr.open(request.method, request.url, False)
     for name, value in request.headers.items():
-        xhr.setRequestHeader(name, value)
+        if name.lower() not in HEADERS_TO_IGNORE:
+            xhr.setRequestHeader(name, value)
 
     xhr.send(to_js(request.body))