Access-Control-Allow-Origin in HTTP Header on Google App Engine

To add Access-Control-Allow-Origin in HTTP headers on Google App Engine, many search results said that we CAN NOT add it. But actually we CAN add it now. The following is an example of how I add Access-Control-Allow-Origin in my app.yaml file (Google App Engine for Python, the same for Google App Engine for Go).

- url: /translation
  static_dir: static/translation
  http_headers:
    Access-Control-Allow-Origin: "*"

For Python & Go config details, please refer to reference [1] and [2].

For Google App Engine for Java user, the following is an example from the official doc:

<static-files>
  <include path="/my_static-files" >
    <http-header name="Access-Control-Allow-Origin" value="http://example.org" />
  </include>
</static-files>

For Java config details, please refer to reference [3].

References:

[1]CORS Support - Configuring with app.yaml - Python
[2]CORS Support - Configuring with app.yaml - Go
[3]Configuring appengine-web.xml - Java
[4]Cross-origin resource sharing
Powered by Github Pages, Pelican, pyScss.