Still can someone tell me how to configure CORS correctly I Serverless Stack #help

Still, can someone tell me how to configure CORS c...

Artemiy Davydov

03/15/2022, 5:16 PM

Still, can someone tell me how to configure CORS correctly? I'm trying to make a production project using SST, but unfortunately there are no examples of full-fledged applications on GitHub

Jackson Bowe

03/16/2022, 10:26 AM

In your lambda functions you need to return the CORS headers as well

Copy code

return {
        'statusCode': 200,
        'headers': {
            'Content-Type': 'application/json',
            'Access-Control-Allow-Headers': '*',
            'Access-Control-Allow-Credentials': 'true',
            'Access-Control-Allow-Origin': '<http://localhost:8080>',
            'Access-Control-Allow-Methods': 'OPTIONS,POST,GET'
        },
        'body': json.dumps(response)
    }

Artemiy Davydov

03/16/2022, 11:01 AM

@Jackson Bowe Should I set

cors

to false to overwrite behaviour?

Artemiy Davydov

03/16/2022, 11:05 AM

Seems like so.

Jackson Bowe

03/16/2022, 11:07 AM

@Artemiy Davydov to be honest, I haven't used SST at all (I can't even get it running on my machine) but I have used cdk and got cors working. You need to enable it on the ApiGateway AND the lambda. At least that's what has worked for me. Unsure about SST specific options sorry

Frank

03/16/2022, 1:27 PM

@Jackson Bowe is right. By setting

CORS

Api

, it’s automatically adding an

OPTION

route with the correct CORS response headers.

Frank

03/16/2022, 1:28 PM

If you need to set response headers in ur GET routes, you’d need to return them in your Lambda functions.

Frank

03/16/2022, 1:28 PM

Btw, if ur browser can make a GET request, it usually means CORS has been already enabled and the OPTION call has passed the CORS check. Is that what you r seeing?

Open in Slack

Previous Next