how do we set up CORS on a per-route basis? I’m ru...
# help
how do we set up CORS on a per-route basis? I’m running into an issue where one of my routes is called from the front end
withCredentials: true
, and the
request is failing because the response can’t be
access-control-allow-origin: *
withCredentials === true
I guess AWS doesn’t allow this.. so I just have to set the right CORS options for the whole API
hmm. Serverless Framework would do some trickery with the API Gateway CORS setup so it would take the requester’s origin and echo it back in the
not sure how to set this up on HTTP API
Hey @Sam Hulick, do you have a link to what Serverless Framework is doing? Or maybe share a snippet from the generated CloudFormation template?
Should be easy to reverse engineer.
I don’t think it’s doable in HTTP API 😕 Serverless Framework is spitting out some sort of template code that REST API supports. one sec, lemme see if I can find it
@Frank I can’t find it. but I remember looking at how they supported wildcards, and it injected some kind of script into the REST API’s CORS settings
which basically just echoed back the origin, if it matched the wildcard pattern
now I’m obsessed and need to find out. 😄 I’ll spin up a quick SLS stack and see if I can find it
I must be imagining things..huh. I guess
is valid for the origin in REST API
I was pretty sure they used to use a mapping template for wildcards in the origin
Oh I see. Via the mapping template for REST API