CORs Error from s3 Static pages

Question

We are serving React Javascript static pages from an s3 bucket. The bucket has set CORs permissions to allow for api calls to two different api-gateway HTTP endpoints.

```
[
    {
        "AllowedHeaders": [
            "api-key"
        ],
        "AllowedMethods": [
            "GET",
            "POST",
            "PUT",
            "DELETE",
            "HEAD"
        ],
        "AllowedOrigins": [
            "http://*",
            "https://rest-api.com",
            "https://http-api.com"
        ],
        "ExposeHeaders": [
            "Access-Control-Allow-Origin"
        ]
    }
]
```
In the HTTP API We have CORs enabled:

![Enter image description here](/media/postImages/original/IM_EcnFa_WSU63Bwu_k6zU7w)
I can run the API and frontend locally - make the call the HTTP API to upload the file and it works, but when the files are hosted in s3 we get the error.

![Enter image description here](/media/postImages/original/IMl4CGJszJT52n54Ys-_cgxQ)

THe call isn't even making it to the lambda function because its not getting logged in Cloudwatch, and the only information getting logged to Cloudwatch from the HTTP API is a 500 error but no reason is given.

I do have an `OPTIONS` method specified on this specific endpoint with a lambda integration.
![Enter image description here](/media/postImages/original/IMA22Ya2uGS-6-2COkQUODhg)

And this stage (`test`) is set up for autodeployments.
Even though its not reaching the lamda - we are handling the options request there:

```
 try {
        if (event.routeKey.includes('OPTIONS')) {
            return {
                statusCode: 200,
                headers: {
                    "Access-Control-Allow-Headers" : "*",
                    "Access-Control-Allow-Origin": "*",
                    "Access-Control-Allow-Methods": "OPTIONS,POST"
                }
            };
        }
```

I must be overlooking something. TIA

Answer

Hi ralbritton,

Please check and confirm your configuration as mentioned in the given document below:

https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html

If you configure CORS for an HTTP API, then API Gateway automatically sends a response to preflight OPTIONS requests. This response is sent even if there isn't an OPTIONS route configured for your API. For a CORS request, API Gateway adds the configured CORS headers to the response from an integration. Could you please try removing the OPTIONS method and then try again if it works? You could also check the given article for further information:

https://aws.amazon.com/premiumsupport/knowledge-center/api-gateway-cors-errors/

If the above doesn't work I would recommend you to raise a Support Case with AWS Premium Support while mentioning the API resource ID, for us to troubleshoot the issue further.

Have a great day ahead!

CORs Error from s3 Static pages

関連するコンテンツ