I want to add / change "Access-Control-Allow-Origin" and "Strict-Transport-Security" headers in my Appsync response. I found a method for sending the custom headers (https://aws.amazon.com/about-aws/whats-new/2022/02/aws-appsync-support-custom-response-headers/) in res.vtl file and I am able to set the "Strict-Transport-Security" header by using that method.
But when I tried the same for "Access-Control-Allow-Origin", it is throwing the error "The header name Access-Control-Allow-Origin is restricted and cannot be included as a custom header."
Any other way, we can modify this header value?
AWS 官方已更新 2 年前