From pypi/warehouse#4687:
What's the problem this feature will solve?
I'm a developer of pyodide, a port of CPython and the scientific Python stack to WebAssembly. One feature we'd love to add is the ability to install (pure Python) wheels directly from PyPI into the browser (see pyodide/pyodide#147). Unfortunately, this isn't currently possible, since requesting files from files.pythonhosted.org is blocked by CORS. There have been a number of PRs (e.g. #578) that have made CORS work well for the PyPI JSON API, and indeed this is working great for our scenario, so I wonder if you'd be willing to expand that to include the content itself.
Describe the solution you'd like
Adding the appropriate headers to the responses on files.pythonhosted.org to allow CORS requests. Primarily, this would be setting Access-Control-Allow-Origin to *, though there may be some other required details. I am not an expert in CORS issues.
I don't see any reason why we can't add headers similar to https://github.com/pypa/warehouse/blob/211c43c60aed72db1ace58986cd234d4743fed85/warehouse/legacy/api/json.py#L25-L42 here.
From pypi/warehouse#4687:
I don't see any reason why we can't add headers similar to https://github.com/pypa/warehouse/blob/211c43c60aed72db1ace58986cd234d4743fed85/warehouse/legacy/api/json.py#L25-L42 here.