From 61f6acb5c99734542971e49b170663eda05a93f5 Mon Sep 17 00:00:00 2001
From: Matthias <xmatthias@outlook.com>
Date: Sat, 16 May 2020 07:07:24 +0200
Subject: [PATCH] Add cors support - needed for UI

---
 freqtrade/rpc/api_server.py     | 2 ++
 requirements-common.txt         | 1 +
 setup.py                        | 2 +-
 tests/rpc/test_rpc_apiserver.py | 1 +
 4 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/freqtrade/rpc/api_server.py b/freqtrade/rpc/api_server.py
index 68f4b1ca9..61eacf639 100644
--- a/freqtrade/rpc/api_server.py
+++ b/freqtrade/rpc/api_server.py
@@ -7,6 +7,7 @@ from typing import Any, Callable, Dict
 from arrow import Arrow
 from flask import Flask, jsonify, request
 from flask.json import JSONEncoder
+from flask_cors import CORS
 from flask_jwt_extended import (JWTManager, create_access_token,
                                 create_refresh_token, get_jwt_identity,
                                 jwt_refresh_token_required,
@@ -88,6 +89,7 @@ class ApiServer(RPC):
 
         self._config = freqtrade.config
         self.app = Flask(__name__)
+        self._cors = CORS(self.app, resources={r"/api/*": {"origins": "*"}})
 
         # Setup the Flask-JWT-Extended extension
         self.app.config['JWT_SECRET_KEY'] = self._config['api_server'].get(
diff --git a/requirements-common.txt b/requirements-common.txt
index 02c4ebc20..017974c9e 100644
--- a/requirements-common.txt
+++ b/requirements-common.txt
@@ -26,6 +26,7 @@ sdnotify==0.3.2
 # Api server
 flask==1.1.2
 flask-jwt-extended==3.24.1
+flask-cors==3.0.8
 
 # Support for colorized terminal output
 colorama==0.4.3
diff --git a/setup.py b/setup.py
index 8c0de095e..20963a15f 100644
--- a/setup.py
+++ b/setup.py
@@ -16,7 +16,7 @@ if readme_file.is_file():
     readme_long = (Path(__file__).parent / "README.md").read_text()
 
 # Requirements used for submodules
-api = ['flask', 'flask-jwt-extended']
+api = ['flask', 'flask-jwt-extended', 'flask-cors']
 plot = ['plotly>=4.0']
 hyperopt = [
     'scipy',
diff --git a/tests/rpc/test_rpc_apiserver.py b/tests/rpc/test_rpc_apiserver.py
index ffdd5be15..b953097d5 100644
--- a/tests/rpc/test_rpc_apiserver.py
+++ b/tests/rpc/test_rpc_apiserver.py
@@ -49,6 +49,7 @@ def client_get(client, url):
 def assert_response(response, expected_code=200):
     assert response.status_code == expected_code
     assert response.content_type == "application/json"
+    assert ('Access-Control-Allow-Origin', '*') in response.headers._list
 
 
 def test_api_not_found(botclient):