[英]CORS in AWS API Gateway + AWS Lambda
I am attempting to set up a POST lambda function using AWS Lambda and API Gateway. 我正在尝试使用AWS Lambda和API Gateway设置POST lambda函数。 This POST should be callable from a modern browser using Javascript, so naturally, I need to enable CORS for this.
这个POST应该可以从使用Javascript的现代浏览器中调用,因此自然地,我需要为此启用CORS。 Unfortunately, no matter what I do, the server is returning with a 400 error in Firefox.
不幸的是,无论我做什么,服务器在Firefox中返回400错误。 I have enabled CORS on my POST function in Gateway as well as set up an OPTIONS function with all the necessary headers, yet I still get this:
我已经在Gateway的POST函数上启用了CORS,并使用所有必需的标头设置了OPTIONS函数,但仍然得到了以下信息:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://ua1c36to9i.execute-api.ap-southeast-2.amazonaws.com/beta. (Reason: CORS header 'Access-Control-Allow-Origin' missing).
It's telling me that I'm not receiving an Access-Control-Allow-Origin
header, which I can confirm by looking at the response in the Network tab: 告诉我没有收到
Access-Control-Allow-Origin
标头,可以通过查看“网络”选项卡中的响应来确认该标头:
Content-Length: 181
Content-Type: application/json
Date: Sun, 23 Apr 2017 03:39:10 GMT
Via: 1.1 d0d3075c33572544a6859ec75d2258a1.cloudfront.net (CloudFront)
X-Amz-Cf-Id: EEMUjL78Bf1PSwt4E4QGPgTLXSD8sehiUCgy-XA7TC_1cKv3jxs9Rg==
X-Cache: Error from cloudfront
X-Firefox-Spdy: h2
x-amzn-RequestId: 6943b9bd-27d6-11e7-aaae-f36ce836982f
The header X-Cache: Error from cloudfront
seems to tell me that Lambda must be returning some kind of internal server error, and CORS is only enabled on Gateway for HTTP 200 requests. 标头
X-Cache: Error from cloudfront
似乎告诉我Lambda必须返回某种内部服务器错误,并且仅在Gateway上为HTTP 200请求启用了CORS。 Indeed, my OPTIONS preflight returns with HTTP 200 OK, which shows that CORS seems to be enabled just fine. 确实,我的OPTIONS预检返回的HTTP 200 OK,这表明CORS似乎已启用。 But I don't know how to capture an error with lambda and enable it for CORS so I don't know what my internal error could possibly be.
但是我不知道如何使用lambda捕获错误并将其启用以用于CORS,所以我不知道我的内部错误可能是什么。
But what strikes me as curious is that if I use test-cors.org to test my POST function, it claims that I get an HTTP 200 OK. 但是令我感到奇怪的是,如果我使用test-cors.org测试我的POST函数,它声称我得到了HTTP 200 OK。 Even stranger, if I copy the exact code it generates to make the request and put it into a test HTML page on my local machine, I get HTTP 400 anyway.
甚至更陌生,如果我复制它生成的确切代码以发出请求并将其放入本地计算机上的测试HTML页面中,无论如何我都会得到HTTP 400。 What's going on?
这是怎么回事?
My ajax call: 我的ajax电话:
var myData = JSON.parse(this.result);
console.log(result);
$.ajax({
type: "POST",
dataType: "json",
url: "https://ua1c36to9i.execute-api.ap-southeast-2.amazonaws.com/beta",
data: myData,
headers: {
"Content-Type":"application/json"
},
success: function (data) {
console.log(data);
},
error: function (error) {
console.log(error);
}
});
The function on AWS Lambda is currently configured to ignore the POSTed data and just return a hardcoded string, so the AJAX payload shouldn't matter. 当前,AWS Lambda上的函数已配置为忽略POST数据,而仅返回一个硬编码字符串,因此AJAX有效负载无关紧要。
You could try downloading the AWS APIG SDK and execute your AJAX call using the apigClient, and then compare headers with those from your script. 您可以尝试下载AWS APIG SDK,并使用apigClient执行AJAX调用,然后将标头与脚本中的标头进行比较。
Take a look here: AWS API Gateway - CORS + POST not working 在这里看看: AWS API Gateway-CORS + POST无法正常工作
The setting of the header manually is particularly interesting based on your code: 根据您的代码,手动设置标头特别有趣:
headers: {
"Access-Control-Allow-Origin": "*"
},
I also recommend trying: 我还建议尝试:
data: JSON.stringify(myData)
This is also a good resource: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS 这也是一个很好的资源: https : //developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
Our API server had some issues with CORS on AWS Beanstalk and for us, it came down to correctly setting them. 我们的API服务器在AWS Beanstalk上的CORS遇到了一些问题,对我们而言,归结为正确设置它们。 I remember requiring to clear my cache a few times also when we were initially setting it up.
我记得在最初设置缓存时也需要多次清除缓存。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.