Preflight Issue with AWS API Gateway and Lambda Function


Hello, I have been experiencing a persistent issue with CORS preflight requests when trying to use AWS API Gateway and Lambda function for sending emails from my website's contact form. Despite following best practices for configuring CORS settings in API Gateway and Lambda, I continue to receive "CORS preflight did not succeed" and "CORS header ‘Access-Control-Allow-Origin’ missing" errors. Here is a summary of the issue and the steps I have taken so far:

I have an API Gateway with a POST method that triggers a Lambda function for processing contact form submissions.
I have enabled CORS in API Gateway, setting the 'Access-Control-Allow-Origin' header to '*' and including all necessary headers and methods.
I have added OPTIONS method to the API Gateway with a Mock integration, and configured the Integration and Method responses with appropriate CORS headers.
I have also modified my Lambda function to handle the OPTIONS request and return appropriate CORS headers.

Despite these configurations, I continue to receive CORS errors when attempting to send requests from my website to the API Gateway URL.

The error messages I receive are as follows:

"CORS Preflight Did Not Succeed"
"Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at (Reason: CORS preflight response did not succeed). Status code: 403."
"Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at (Reason: CORS request did not succeed). Status code: (null)."

I have tried several troubleshooting steps with the help of an AI language model, but the issue persists. I am now seeking your assistance to identify the root cause of this problem and help me resolve it.

Any suggestions or guidance would be greatly appreciated. Please let me know if you require any additional information or clarification regarding my setup.

Thank you in advance for your help!

1 Answer

This is obviously a Server authorization issue with the application logic. Like insufficient rights. Therefore your URL cannot be access by your API-Gateway. Clear your browser cache. Add plugin to web browser to overrride cors settings of browser. just for test on browser. Modify the application logical permissions ( IAM) so it can use Lambda. If you add headers to your response, you don't need to apply the second item. "Access-Control-Allow-Origin": "*", "Access-Control-Allow-Credentials"

profile picture
answered 10 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions