https://serverless-stack.com/ logo
Join Slack
Powered by
I’m driving myself crazy with some CORS issues, ho...
# sst
g
I’m driving myself crazy with some CORS issues, hoping someone has had similar experience. My GET requests are resolving fine, but my POSTs are not. Any troubleshooting tips?
I’m using the following configuration for my 
sst.API
Copy code
cors: {
  allowCredentials: true,
  allowHeaders: ['*'],
  allowMethods: ['*'],
  allowOrigins: ['<https://mydomain.com>', '<https://dev.mydomain.com>', '<http://localhost:3000>'],
  exposeHeaders: ['Content-Range', 'Access-Control-Allow-Origin']
},
a
@Guy Shechter did you check the console?
I mean AWS console.
g
Access to XMLHttpRequest at … from origin ‘http://localhost:3000’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
Where in the AWS console? The cors configuration on the API GW is what I would expect
a
Are you specifying the host header in your requests?
a
How did you put the wildcard?
In methods.
g
Javascript accepts it, I guess typescript wants the CorsHttpMethod.ANY
a
Oh yeah, thought you were using TS.
s
what if you set 
cors: true
- do POST requests work then?
g
As someone previously wrote, it’s often not a CORS issue at all. In this case it was a capitalized letter in the URL. 🤦
a
😐
Ah the problem is the HTTP ERRORS then.
The errors are not returning the cors.
Then you get for example 400 error, and no cors header, then browser shows cors error, but it’s a 400.
This happened to me on SLS lot of times, because errors schemas are defined in a separated configuration.
Open in Slack
PreviousNext
Powered by