By using AWS re:Post, you agree to the AWS re:Post Terms of Use

API Gateway blocking response from Lambda via CORS despite CORS headers in response.

0

When I attempt to POST to my REST API deployed to API Gateway, my Lambda does not return a proper response. Instead, it returns:

Access to fetch at 'https://dev.api.no-name-games.com/pay' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

I read somewhere that if your API is a REST API with a Lambda integration, you can't set CORS via the console, so I set it in the Lambda itself:

return events.APIGatewayProxyResponse{
	StatusCode: 200,
	Headers: map[string]string{
		"Access-Control-Allow-Origin": "*",
	},
	Body: data.ClientSecret,
}, err

However, when I look at my request/response, I do not see those headers: Enter image description here

1 Answer
0

You have to also enable CORS on API Gateway itself as well AND manage it on lambda too.

On API Gateway, set allowed origins to * and keep your lambda code the same.

Later on when you want to deploy, leave API Gateway as *, but then specify your domain within the lambda function.

Let me know if this helps

answered 6 months ago
  • How/where do I set it in API Gateway? The Enable CORS option does not seem to work.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions