By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

CORS issue after attaching WAF to ALB

0

Hi there,
The problem is next:
When I associate WAF with ALB I received an error in the browser console:
The request has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Without WAF everything is ok.
WAF ACL rule:
{
"Name": "HEADER-VERIFICATION",
"Priority": 0,
"Action": {
"Allow": {}
},
"VisibilityConfig": {
"SampledRequestsEnabled": true,
"CloudWatchMetricsEnabled": true,
"MetricName": "MyCustmomHeaderRule"
},
"Statement": {
"ByteMatchStatement": {
"FieldToMatch": {
"SingleHeader": {
"Name": "my_custom_header"
}
},
"PositionalConstraint": "EXACTLY",
"SearchString": "my_serching_string",
"TextTransformations": [
{
"Type": "NONE",
"Priority": 0
}
]
}
}
}

Topics
Security, Identity, & Compliance
Tags
AWS WAF
Language
English
asobko
asked 3 years ago2346 views
2 Answers
0

Did you ever find an answer to this?

cloudlady-911
answered 3 years ago
0

Facing the same issue.

maydevops
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content