https://serverless-stack.com/ logo
Join Slack
Powered by
Hi Everyone, I am new to Serverless-Stack and Serv...
# help
a
Hi Everyone, I am new to Serverless-Stack and Serverless Framework. I am facing a CORS issue which I can’t find any solution for. I have opened a discussion on the GitHub. I would greatly appreciate anyone’s help with this. https://github.com/serverless-stack/serverless-stack/discussions/593
I keep getting the following response in my browser from API Gateway: “Access to XMLHttpRequest at ‘https://API_ID.execute-api.us-east-1.amazonaws.com/PATH’ from origin ‘http://localhost:3000’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.”
In my response, I set the following headers:
headers: { 'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Credentials': true, 'Content-Type': 'application/json', }
I also set 
cors: true
 in my serverless.yml for each function defined.
It is odd that other POST method APIs are working fine, but my GET method API keeps throwing this error. Has anyone seen this type of issue before?
d
Serverless Stack (SST) does not use serverless.yml It looks like you’re using serverless framework instead. Did you start with this? https://docs.serverless-stack.com/installation
Yeah the POST vs GET diff is really weird. But I haven’t encountered any cors issue myself yet. And we have an API of 30+ endpoints.
a
Hi Dennis, no you’re right, im using Serverless Framework only at the moment.
I have another GET api which is working fine too
its one particular API that is giving this CORS issue. And I checked in API Gateway, I can see an OPTIONS method defined for this API
I’ve followed this guide for handling CORS, but am still facing the issue : https://serverless-stack.com/chapters/handle-api-gateway-cors-errors.html
d
No other particular errors? My next guess is that your lambda itself is throwing the error. So what I’ve noticed before is the a cors error from api gateway may actually be some generic error resulting from a bad lambda
Yeah I definitely recall that whenever my frontend encountered some cors issues with a particular endpoint, it was not cors itself.
a
The Lambda works with Serverless-offline and also when I run the Test directly in AWS API Gateway console, it returns fine. I will test again right now
yup, I am seeing the response Headers in API Gateway as: Response Headers
Copy code
{
  "Access-Control-Allow-Origin": "*",
  "Access-Control-Allow-Methods": "OPTIONS,GET",
  "Access-Control-Allow-Headers": "Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent",
  "Content-Type": "application/json"
}
I tried removing the IAM Authorizer for this api in my serverless yml.. i also tried removing cors: true and enabling IAM authorizor. It is still giving the same preflight issue
f
Hi @Aditya Shahani, have you checked in ur API Gateway console and see if there is an OPTIONS method for the failing GET API path?
a
Hi @Frank, Yes, when I have CORS: True in my serverless.yml , I can see that an OPTIONS method is present in API Gateway for this path. For this path, i also have authorizer: aws_iam set in my yml. I am not sure if that is causing the issue or not, but that is the only difference between this GET endpoint and the other working GET endpoint.
Hi all, I just realized I had a typo in my request URL for this particular endpoint. I was missing a “/” after the environment name
It is working fine now after fixing
f
I see. Glad you figured it out!
a
Thank you both for your help! @Frank @Dennis Dang
d
Always the little things
Open in Slack
PreviousNext
Powered by