how do we set up CORS on a per-route basis? I’m ru...
# helps
Sam Hulick
08/31/2021, 7:47 PMhow do we set up CORS on a per-route basis? I’m running into an issue where one of my routes is called from the front end
withCredentials: trueOPTIONSaccess-control-allow-origin: *withCredentials === trueSam Hulick
08/31/2021, 7:54 PMI guess AWS doesn’t allow this.. so I just have to set the right CORS options for the whole API
Sam Hulick
08/31/2021, 7:56 PMhmm. Serverless Framework would do some trickery with the API Gateway CORS setup so it would take the requester’s origin and echo it back in the
Access-Control-Allow-OriginSam Hulick
08/31/2021, 7:57 PMnot sure how to set this up on HTTP API
f
Frank
08/31/2021, 8:27 PM
Hey @Sam Hulick, do you have a link to what Serverless Framework is doing? Or maybe share a snippet from the generated CloudFormation template?
Frank
08/31/2021, 8:27 PM
Should be easy to reverse engineer.
s
Sam Hulick
08/31/2021, 8:27 PMI don’t think it’s doable in HTTP API 😕 Serverless Framework is spitting out some sort of template code that REST API supports. one sec, lemme see if I can find it
Sam Hulick
08/31/2021, 8:32 PM@Frank I can’t find it. but I remember looking at how they supported wildcards, and it injected some kind of script into the REST API’s CORS settings
Sam Hulick
08/31/2021, 8:32 PMwhich basically just echoed back the origin, if it matched the wildcard pattern
Sam Hulick
08/31/2021, 8:37 PMnow I’m obsessed and need to find out. 😄 I’ll spin up a quick SLS stack and see if I can find it
Sam Hulick
08/31/2021, 8:55 PMI must be imagining things..huh. I guess
https://*.<http://app.net|app.net>Sam Hulick
08/31/2021, 8:56 PMI was pretty sure they used to use a mapping template for wildcards in the origin
f
Frank
08/31/2021, 9:02 PM
Oh I see. Via the mapping template for REST API
s
Sam Hulick
08/31/2021, 9:02 PMyeah
3 Views