Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

API Gateway + Lambda - CORS Issue

Tags:

aws-lambda

aws-api-gateway

http-status-code-415

i am experiencing continuing problems with the CORS integration for API Gateway + Lambda. i have enabled CORs for the resources associated with the API. Everything appears to work fine via Lambda testing, Postman testing etc, but calling the api from a webpage script is giving the following error "No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 415." Do I need to change the Lambda function? Thanks

Here is my simple Lambda code..

'use strict';
var AWS = require('aws-sdk');
var dclient = new AWS.DynamoDB.DocumentClient();
var getItems = (event, context, callback) => {

    var params = {
        TableName: "OMSCaseDataTest",
        Key: {
            "IncidentID": event.IncidentID
        }
    }
    dclient.get(params, (error, data) => {
        if (error) {
            callback(null, "error occured")
        } else {
            callback(null, data);

        }
    });
};
exports.getItems = getItems;
like image 681
Patrick Avatar asked Oct 31 '25 02:10

Patrick

2 Answers

If you are using proxy integration in API Gateway, then enabling CORS from API Gateway doesn't work. You have to set the Header 'Access-Control-Allow-Origin' from your Lambda code itself.

Its mentioned in the doc.

Python code sample:

response = {
    'statusCode': 200,
    'headers': {
        'Access-Control-Allow-Origin': '*'
    },
    'body': json.dumps({'message': 'CORS enabled')
}
return response
like image 108
Dawn T Cherian Avatar answered Nov 03 '25 12:11

Dawn T Cherian

Assuming you're using proxy integration, you'll need to handle the CORS yourself. Your lambda function will need to handle the HTTP methods differently. CORS problems usually occur when the pre-flight option request is not entertained. Here's a code snippet could help your cause.

function main(event, context, lambdaCallback) {
    if (event.httpMethod === 'OPTIONS') {
        doneOptions(200, '{"status": "OK"}', 'application/json', lambdaCallback);
    } else if (event.httpMethod === 'POST') {
        // do your POST here
    } else {
        return done(400, '{"message":"Invalid HTTP Method"}', 'application/json', lambdaCallback);
    }
}

The functions that return the HTTP 200 to your frontend which decide what your frontend/API could call and what's not.

function doneOptions(statusCode, body, contentType, lambdaCallback, isBase64Encoded = false) {
    lambdaCallback(null, {
        statusCode: statusCode,
        isBase64Encoded: isBase64Encoded,
        body: body,
        headers: {
            'Content-Type': contentType,
            'Access-Control-Allow-Origin': '*',
            'Access-Control-Allow-Headers': 'Authorization,Content-Type',
            'Access-Control-Allow-Method': 'GET,POST,OPTIONS',
        }
    });
}
like image 26
xion Avatar answered Nov 03 '25 13:11

xion
Sign in to Comment

Related questions

Lambda Function timing out when uploading to S3
dynamodb keyconditionexpression vs filterexpression costs?
AWS Amplify Duplicate Error: Duplicated files or mocks
Can I use xvfb with AWS Lambda?
Lambda function through API gateway fails due to Malformed Lambda proxy response

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!