Updated

app/main/views.py

@@ -1,5 +1,6 @@
-from flask import jsonify, Response
-from app import app
+from flask import jsonify, Response, request
+from app import app, WHITE
+
 
 
 @app.route('/robots.txt')
@@ -17,3 +18,15 @@ def static_from_root():
 def index():
     return jsonify({"success": "Api is online"}), 200
 
+# @app.after_request
+# def add_cors_headers(response):
+#     r = request.referrer[:-1]
+#     if r in WHITE:
+#         response.headers.add('Access-Control-Allow-Origin', r)
+#         response.headers.add('Access-Control-Allow-Credentials', 'true')
+#         response.headers.add('Access-Control-Allow-Headers', 'Content-Type')
+#         response.headers.add('Access-Control-Allow-Headers', 'Cache-Control')
+#         response.headers.add('Access-Control-Allow-Headers', 'X-Requested-With')
+#         response.headers.add('Access-Control-Allow-Headers', 'Authorization')
+#         response.headers.add('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE')
+#     return response