Whenever I try to access serverless lambda function via POST through the browser I get the error
Response to preflight request doesn't pass access control check: No >'Access-Control-Allow-Origin' header is present on the requested resource.
When it is a /GET
it works fine I have read it is because it is not sending pre flight request. When I change it to POST
this is when it fails.
The command I am running:
sam local start-api
And my template.yaml is:
...
Resources:
PropertiesFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: target/service-0.0.1-SNAPSHOT.jar
Handler: com.aws.PropertiesHandler::handleRequest
Runtime: java8
Events:
PropertiesApi:
Type: Api
Properties:
Path: /properties
Method: post
...
How can I enable CORS on these endpoints?
When you run this command in a directory that contains your serverless functions and your AWS SAM template, it creates a local HTTP server that hosts all of your functions. By default when you use this command, the AWS SAM CLI assumes that your current working directory is your project's root directory.
For more compiled languages or projects that require complex packing support, we recommend that you run your own building solution, and point AWS SAM to the directory or file that contains the build artifacts. To see an end-to-end example that uses this command, see Tutorial: Deploying a Hello World application.
SAM or serverless application model is an open-source framework for building serverless applications. It provides shorthand syntax to express functions, APIs, databases, and event source mappings. SAM transforms and expands the SAM syntax into AWS CloudFormation syntax.
By default when you use this command, the AWS SAM CLI assumes that your current working directory is your project's root directory. The AWS SAM CLI first tries to locate a template file built using the sam build command, located in the .aws-sam subfolder, and named template.yaml or template.yml.
I had the same error and I have already fixed it in 3 steps. (AWS Lambda in Java8, SAM CLI v0.37.0)
Map<String, String> headers = new HashMap<>();
headers.put("Content-Type", "application/json");
headers.put("X-Custom-Header", "application/json");
headers.put("Access-Control-Allow-Origin", "*");
headers.put("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, PATCH, DELETE");
headers.put("Access-Control-Allow-Headers", "X-Requested-With,content-type");
Globals:
Function:
Timeout: 20
Api:
Cors:
AllowMethods: "'GET,POST,OPTIONS'"
AllowHeaders: "'content-type'"
AllowOrigin: "'*'"
AllowCredentials: "'*'"
Events:
HelloWorld:
Type: Api
Properties:
# Path: /hello
# Method: get
Path: "/{proxy+}"
Method: ANY
First, you will need to add the following section in the template.yml to enable cors in the API gateway:
Globals:
Api:
Cors:
AllowMethods: "'GET,POST,OPTIONS'"
AllowHeaders: "'content-type'"
AllowOrigin: "'*'"
AllowCredentials: "'*'"
Then in your lambda function response
MultivaluedMap<String, Object> headers = responseContext.getHeaders();
headers.add("Access-Control-Allow-Origin", "*");
headers.add("Access-Control-Allow-Headers", requestContext.getHeaderString("Access-Control-Request-Headers"));
headers.add("Access-Control-Allow-Methods", "GET,PUT,POST,DELETE,HEAD,OPTIONS");
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With