@ snehankekre, may I pull you into this discussion? You left very useful advice here: When to use enableCORS and enableXsrfProtection parameters? - 
Using Streamlit - Streamlit
However, I do not fully understand how to implement your solution. What object does self refer to in your case?
e.g. in your answer you describe self.set_header("Access-Control-Allow-Origin", "*"). I would replace the asterisk by my domain, but where do I find this self.set_header?
These cookies are necessary for the website to function and cannot be switched off. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us understand how visitors move around the site and which pages are most frequently visited.
These cookies are used to record your choices and settings, maintain your preferences over time and recognize you when you return to our website. These cookies help us to personalize our content for you and remember your preferences.
These cookies may be deployed to our site by our advertising partners to build a profile of your interest and provide you with content that is relevant to you, including showing you relevant ads on other websites.