diff --git a/socketio/asyncio_server.py b/socketio/asyncio_server.py index 45f5d86b..6eed5d4e 100644 --- a/socketio/asyncio_server.py +++ b/socketio/asyncio_server.py @@ -51,9 +51,11 @@ class AsyncServer(server.Server): is greater than this value. :param cookie: Name of the HTTP cookie that contains the client session id. If set to ``None``, a cookie is not sent to the client. - :param cors_allowed_origins: List of origins that are allowed to connect - to this server. All origins are allowed by - default. + :param cors_allowed_origins: Origin or list of origins that are allowed to + connect to this server. Only the same origin + is allowed by default. Set this argument to + ``'*'`` to allow all origins, or to ``[]`` to + disable CORS handling. :param cors_credentials: Whether credentials (cookies, authentication) are allowed in requests to this server. :param engineio_logger: To enable Engine.IO logging set to ``True`` or pass diff --git a/socketio/server.py b/socketio/server.py index f9a74dc5..22ba491c 100644 --- a/socketio/server.py +++ b/socketio/server.py @@ -78,9 +78,11 @@ class Server(object): :param cookie: Name of the HTTP cookie that contains the client session id. If set to ``None``, a cookie is not sent to the client. The default is ``'io'``. - :param cors_allowed_origins: List of origins that are allowed to connect - to this server. All origins are allowed by - default. + :param cors_allowed_origins: Origin or list of origins that are allowed to + connect to this server. Only the same origin + is allowed by default. Set this argument to + ``'*'`` to allow all origins, or to ``[]`` to + disable CORS handling. :param cors_credentials: Whether credentials (cookies, authentication) are allowed in requests to this server. The default is ``True``.