堆栈内存溢出
  简体   繁体   English

无法在 AWS api-gateway 中为 CORS 设置 Access-Allow-Control-Origin - 返回无效格式错误

[英]Unable to set Access-Allow-Control-Origin in AWS api-gateway for CORS - returns invalid format error

 原文  2020-08-24 17:23:12       amazon-web-services/ cors/ aws-api-gateway

问题描述

I am having trouble with setting up CORS on AWS API-Gateway.我在 AWS API-Gateway 上设置 CORS 时遇到问题。

To provide a bit of background, CORS on API_gateway supports 6 fields as below.为了提供一些背景知识,API_gateway 上的 CORS 支持如下 6 个字段。

Access-Allow-Control-Origin - supports 'https://www.example.com' , '*' , 'https://*' , and 'http://*' Access-Allow-Control-Origin - 支持'https://www.example.com''*''https://*''http://*'

I got this from https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html我从https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html得到这个

When I try '*' and 'https://www.domain-name.com' , I get the following errors:当我尝试'*''https://www.domain-name.com' ,出现以下错误:

在此处输入图片说明

I am not sure what format to follow.我不确定要遵循什么格式。 Also, the '*' seems to be referenced in various links.此外,似乎在各种链接中都引用了'*'

Any help greatly appreciated.非常感谢任何帮助。

1 个解决方案

解决方案1
 0  2020-08-24 22:44:49

If you have enabled cors on your api gateway, the next place to look is the application code such as lambda.如果您在 api 网关上启用了 cors,那么接下来要看的地方是 lambda 等应用程序代码。

Make sure the Lambda is returning the correct cross origin headers in both successful and failure scenarios.确保 Lambda 在成功和失败的情况下都返回正确的跨源标头。 please check if your code is returning cross origin headers all the time.请检查您的代码是否一直在返回跨源头。

To troubleshoot,要排除故障,

Method 1: Check if the request is reaching the lambda from the cloud watch logs.方法一:从云监控日志中检查请求是否到达了lambda。 You can find some useful information such as exceptions thrown by the code.您可以找到一些有用的信息,例如代码抛出的异常。

Method 2: Point the Api gateway target to the Mock integration type.方法二:将Api网关目标指向Mock集成类型。 If the mock integration works, then the problem is the application code.如果模拟集成有效,那么问题在于应用程序代码。 otherwise the problem is in your api gateway end point.否则问题出在您的 api 网关端点。

Also note that any headers you use should be white listed in the Access-Control-Allow-headers section when you enable to cors for your method/resource.另请注意,当您为方法/资源启用 cors 时,您使用的任何标头都应在 Access-Control-Allow-headers 部分中列入白名单。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用 AWS API Gateway 时出现错误“访问控制允许来源” - Error 'Access-Control-Allow-Origin' using AWS API Gateway 由于来源被 AWS Api-Gateway 中的 CORS 阻止而被拒绝访问 - Getting access denied due to origin blocked by CORS in AWS Api-Gateway AWS API Gateway - CORS“访问控制允许来源” - 多个条目 - AWS API Gateway - CORS "access-control-allow-origin" - multiple entries AWS API-Gateway不能完全允许CORS - AWS API-Gateway doesn't fully allow CORS “缺少CORS标头'Access-Control-Allow-Origin'”:调用部署的AWS Api网关时 - “CORS header ‘Access-Control-Allow-Origin’ missing ” : while calling deployed AWS Api gateway 带有Cloudformation的AWS Api Gateway CORS“访问控制允许起源”正则表达式 - AWS Api Gateway CORS “access-control-allow-origin” Regex with Cloudformation 请求的资源上不存在“Access-Control-Allow-Origin”header(AWS、API 网关、S3、CORS) - No 'Access-Control-Allow-Origin' header is present on the requested resource (AWS, API Gateway, S3, CORS) API Gateway CORS:没有“Access-Control-Allow-Origin”标头 - API Gateway CORS: no 'Access-Control-Allow-Origin' header AWS API Gateway返回飞行前响应中Access-Control-Allow-Headers不允许的access-control-allow-origin - AWS API Gateway returns access-control-allow-origin is not allowed by Access-Control-Allow-Headers in preflight response AWS API Gateway访问控制-允许来源 - AWS API Gateway Access-Control-Allow-Origin
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM