无服务器 yml 上的 CORS
CORS on Serverless yml
我有一个 React 应用程序并尝试从 aws 访问无服务器。但是我有以下错误
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://www.test.com' is therefore not allowed access. The response had HTTP status code 502.
终点url是https://key.execute-api.ap-southeast-2.amazonaws.com/dev/samplefunction
serverless.yml 上的设置是
login:
handler: login.login
events:
- http:
path: login
method: post
cors:
origin: 'https://admin.differentdomain.com'
headers:
- MY_CUSTOM_HEADER
- Content-Type
- X-Amz-Date
- Authorization
- X-Api-Key
- X-Amz-Security-Token
还有什么地方需要配置CORS吗?
此处详细说明了 Serverless 中的 CORS 设置:https://serverless.com/blog/cors-api-gateway-survival-guide/
除了 serverless.yml 中的配置(用于预检请求)之外,您还需要 return header Access-Control-Allow-Origin 和 Access-Control-Allow-Credentials从你的代码。在您的示例和 Node.js 实施中:
return {
statusCode: 200,
headers: {
'Access-Control-Allow-Origin': 'https://admin.differentdomain.com',
'Access-Control-Allow-Credentials': true,
},
body: {},
};
确保在第一个 header 中包含 "https" 部分,我之前偶然发现了这一点。
我有一个 React 应用程序并尝试从 aws 访问无服务器。但是我有以下错误
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://www.test.com' is therefore not allowed access. The response had HTTP status code 502.
终点url是https://key.execute-api.ap-southeast-2.amazonaws.com/dev/samplefunction
serverless.yml 上的设置是
login:
handler: login.login
events:
- http:
path: login
method: post
cors:
origin: 'https://admin.differentdomain.com'
headers:
- MY_CUSTOM_HEADER
- Content-Type
- X-Amz-Date
- Authorization
- X-Api-Key
- X-Amz-Security-Token
还有什么地方需要配置CORS吗?
此处详细说明了 Serverless 中的 CORS 设置:https://serverless.com/blog/cors-api-gateway-survival-guide/
除了 serverless.yml 中的配置(用于预检请求)之外,您还需要 return header Access-Control-Allow-Origin 和 Access-Control-Allow-Credentials从你的代码。在您的示例和 Node.js 实施中:
return {
statusCode: 200,
headers: {
'Access-Control-Allow-Origin': 'https://admin.differentdomain.com',
'Access-Control-Allow-Credentials': true,
},
body: {},
};
确保在第一个 header 中包含 "https" 部分,我之前偶然发现了这一点。