allowed_origins
Origin validation utilities.
- pipecat.utils.security.allowed_origins.default_allowed_origins() list[str][source]
Return allowed origins from the
PIPECAT_ALLOWED_ORIGINSenv var.Parses a comma-separated list of origin strings. Returns an empty list (allow all) when the variable is unset or empty.
- pipecat.utils.security.allowed_origins.is_origin_allowed(origin: str, allowed_origins: list[str]) bool[source]
Return whether
originis permitted byallowed_origins.- Parameters:
origin – The value of the
Originheader, or an empty string if absent.allowed_origins – List of allowed origin strings. An empty list allows all origins. When non-empty, a missing or disallowed origin is rejected.