- Add the ability to control origin wildcard sending as a wildcard seen in the allow origin header can be considered dangerous by some.
- Add
cors_exemptto top level package import. - Improve the typing througout.
- Support Python 3.13, and 3.12 drop Python 3.8 and 3.7.
- Send Vary: Origin for non-CORS requests.
- Add the ability to exempt routes/websockets from cors.
- Ensure header name comparison is based on lowercased header names.
- Much improve the typing, leading to more accurate type checking.
- Officially support Python 3.10, and Python 3.11.
- Switch to GitHub rather than GitLab.
- Support Quart 0.15 as the minimum version.
- Support Python 3.9.
- Allow the allowed origin to be a regex pattern (or iterable thereof).
- Bugfix crash when sending OPTIONS with missing Access-Control-Allow-Origin header.
- Support Python 3.8.
- Support Quart >= 0.11.1 - with this only a single origin (or wildcard) can be returned as the Access-Control-Allow-Origin header, as per the specification.
- Move files to within a quart_cors folder to ensure the py.typed file is picked up.
- Drop support for Python 3.6.
- Add a websocket_cors function that checks the origin and will respond with 400 if not an allowed origin.
- Add py.typed for PEP 561 compliance.
- Bugfix allow all request_headers when allow_headers is set to "*".
- Bumped minimum Quart version to 0.6.11 due to a bug in Quart.
- Released initial alpha version.