Enable CORS when running AWS SAM CLI locally










1















Whenever I try to access serverless lambda function via POST through the browser I get the error




Response to preflight request doesn't pass access control check: No >'Access-Control-Allow-Origin' header is present on the requested resource.




When it is a /GET it works fine I have read it is because it is not sending pre flight request. When I change it to POST this is when it fails.



The command I am running:



sam local start-api



And my template.yaml is:



...

Resources:
 PropertiesFunction:
 Type: AWS::Serverless::Function
 Properties:
 CodeUri: target/service-0.0.1-SNAPSHOT.jar
 Handler: com.aws.PropertiesHandler::handleRequest
 Runtime: java8
 Events:
 PropertiesApi:
 Type: Api
 Properties:
 Path: /properties
 Method: post

...


How can I enable CORS on these endpoints?






amazon-web-services aws-lambda aws-api-gateway serverless aws-sam-local







share|improve this question




























    1















    Whenever I try to access serverless lambda function via POST through the browser I get the error




    Response to preflight request doesn't pass access control check: No >'Access-Control-Allow-Origin' header is present on the requested resource.




    When it is a /GET it works fine I have read it is because it is not sending pre flight request. When I change it to POST this is when it fails.



    The command I am running:



    sam local start-api



    And my template.yaml is:



    ...

    Resources:
     PropertiesFunction:
     Type: AWS::Serverless::Function
     Properties:
     CodeUri: target/service-0.0.1-SNAPSHOT.jar
     Handler: com.aws.PropertiesHandler::handleRequest
     Runtime: java8
     Events:
     PropertiesApi:
     Type: Api
     Properties:
     Path: /properties
     Method: post

    ...


    How can I enable CORS on these endpoints?






    amazon-web-services aws-lambda aws-api-gateway serverless aws-sam-local







    share|improve this question


























      1












      1








      1








      Whenever I try to access serverless lambda function via POST through the browser I get the error




      Response to preflight request doesn't pass access control check: No >'Access-Control-Allow-Origin' header is present on the requested resource.




      When it is a /GET it works fine I have read it is because it is not sending pre flight request. When I change it to POST this is when it fails.



      The command I am running:



      sam local start-api



      And my template.yaml is:



      ...

      Resources:
       PropertiesFunction:
       Type: AWS::Serverless::Function
       Properties:
       CodeUri: target/service-0.0.1-SNAPSHOT.jar
       Handler: com.aws.PropertiesHandler::handleRequest
       Runtime: java8
       Events:
       PropertiesApi:
       Type: Api
       Properties:
       Path: /properties
       Method: post

      ...


      How can I enable CORS on these endpoints?






      amazon-web-services aws-lambda aws-api-gateway serverless aws-sam-local







      share|improve this question
















      Whenever I try to access serverless lambda function via POST through the browser I get the error




      Response to preflight request doesn't pass access control check: No >'Access-Control-Allow-Origin' header is present on the requested resource.




      When it is a /GET it works fine I have read it is because it is not sending pre flight request. When I change it to POST this is when it fails.



      The command I am running:



      sam local start-api



      And my template.yaml is:



      ...

      Resources:
       PropertiesFunction:
       Type: AWS::Serverless::Function
       Properties:
       CodeUri: target/service-0.0.1-SNAPSHOT.jar
       Handler: com.aws.PropertiesHandler::handleRequest
       Runtime: java8
       Events:
       PropertiesApi:
       Type: Api
       Properties:
       Path: /properties
       Method: post

      ...


      How can I enable CORS on these endpoints?






      amazon-web-services aws-lambda aws-api-gateway serverless aws-sam-local




      amazon-web-services aws-lambda aws-api-gateway serverless aws-sam-local






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 15 '18 at 21:36







      Eduardo Dennis

















      asked Nov 15 '18 at 4:23









      Eduardo DennisEduardo Dennis

      9,044106184




      9,044106184






















          1 Answer
          1






          active

          oldest

          votes


















          2














          You should be able to get around this for local testing by explicitly adding the following headers to your response, in your handler function:



           "Access-Control-Allow-Origin": "*"


          You can use an environment variable that only adds the headers if you're running locally.



          Here's a simple Python example from a handler function I have:



           if not all(field in values for field in required_fields):
           response = 
           'statusCode': 400,
           'body': json.dumps(
           
           'message': 'Required data missing from request body'
           
           ) 
           
           # explicitly add CORs headers for local testing
           response['headers'] = "Access-Control-Allow-Origin": "*"
           return response


          This is only suitable for local testing, when you deploy to an API Gateway CORs is handled by configuration on the API Gateway.



          This solution worked for me until I also added authorization to the API, with a Cognito user pool, which I'm currently trying to work through.



          Here's a similar post on the issue:
          How to Enable CORS for an AWS API Gateway Resource



          Here's reference to it in the official AWS documentation.






          share|improve this answer

























          • Did you ever have any luck after adding the auth - I'm at the same point unfortunately.

            – Chris
            Feb 4 at 2:48










          Your Answer






          StackExchange.ifUsing("editor", function ()
          StackExchange.using("externalEditor", function ()
          StackExchange.using("snippets", function ()
          StackExchange.snippets.init();
          );
          );
          , "code-snippets");

          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "1"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













          draft saved

          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53312412%2fenable-cors-when-running-aws-sam-cli-locally%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          2














          You should be able to get around this for local testing by explicitly adding the following headers to your response, in your handler function:



           "Access-Control-Allow-Origin": "*"


          You can use an environment variable that only adds the headers if you're running locally.



          Here's a simple Python example from a handler function I have:



           if not all(field in values for field in required_fields):
           response = 
           'statusCode': 400,
           'body': json.dumps(
           
           'message': 'Required data missing from request body'
           
           ) 
           
           # explicitly add CORs headers for local testing
           response['headers'] = "Access-Control-Allow-Origin": "*"
           return response


          This is only suitable for local testing, when you deploy to an API Gateway CORs is handled by configuration on the API Gateway.



          This solution worked for me until I also added authorization to the API, with a Cognito user pool, which I'm currently trying to work through.



          Here's a similar post on the issue:
          How to Enable CORS for an AWS API Gateway Resource



          Here's reference to it in the official AWS documentation.






          share|improve this answer

























          • Did you ever have any luck after adding the auth - I'm at the same point unfortunately.

            – Chris
            Feb 4 at 2:48















          2














          You should be able to get around this for local testing by explicitly adding the following headers to your response, in your handler function:



           "Access-Control-Allow-Origin": "*"


          You can use an environment variable that only adds the headers if you're running locally.



          Here's a simple Python example from a handler function I have:



           if not all(field in values for field in required_fields):
           response = 
           'statusCode': 400,
           'body': json.dumps(
           
           'message': 'Required data missing from request body'
           
           ) 
           
           # explicitly add CORs headers for local testing
           response['headers'] = "Access-Control-Allow-Origin": "*"
           return response


          This is only suitable for local testing, when you deploy to an API Gateway CORs is handled by configuration on the API Gateway.



          This solution worked for me until I also added authorization to the API, with a Cognito user pool, which I'm currently trying to work through.



          Here's a similar post on the issue:
          How to Enable CORS for an AWS API Gateway Resource



          Here's reference to it in the official AWS documentation.






          share|improve this answer

























          • Did you ever have any luck after adding the auth - I'm at the same point unfortunately.

            – Chris
            Feb 4 at 2:48













          2












          2








          2







          You should be able to get around this for local testing by explicitly adding the following headers to your response, in your handler function:



           "Access-Control-Allow-Origin": "*"


          You can use an environment variable that only adds the headers if you're running locally.



          Here's a simple Python example from a handler function I have:



           if not all(field in values for field in required_fields):
           response = 
           'statusCode': 400,
           'body': json.dumps(
           
           'message': 'Required data missing from request body'
           
           ) 
           
           # explicitly add CORs headers for local testing
           response['headers'] = "Access-Control-Allow-Origin": "*"
           return response


          This is only suitable for local testing, when you deploy to an API Gateway CORs is handled by configuration on the API Gateway.



          This solution worked for me until I also added authorization to the API, with a Cognito user pool, which I'm currently trying to work through.



          Here's a similar post on the issue:
          How to Enable CORS for an AWS API Gateway Resource



          Here's reference to it in the official AWS documentation.






          share|improve this answer















          You should be able to get around this for local testing by explicitly adding the following headers to your response, in your handler function:



           "Access-Control-Allow-Origin": "*"


          You can use an environment variable that only adds the headers if you're running locally.



          Here's a simple Python example from a handler function I have:



           if not all(field in values for field in required_fields):
           response = 
           'statusCode': 400,
           'body': json.dumps(
           
           'message': 'Required data missing from request body'
           
           ) 
           
           # explicitly add CORs headers for local testing
           response['headers'] = "Access-Control-Allow-Origin": "*"
           return response


          This is only suitable for local testing, when you deploy to an API Gateway CORs is handled by configuration on the API Gateway.



          This solution worked for me until I also added authorization to the API, with a Cognito user pool, which I'm currently trying to work through.



          Here's a similar post on the issue:
          How to Enable CORS for an AWS API Gateway Resource



          Here's reference to it in the official AWS documentation.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Nov 21 '18 at 17:04

























          answered Nov 20 '18 at 21:09









          user10682499user10682499

          212




          212












          • Did you ever have any luck after adding the auth - I'm at the same point unfortunately.

            – Chris
            Feb 4 at 2:48

















          • Did you ever have any luck after adding the auth - I'm at the same point unfortunately.

            – Chris
            Feb 4 at 2:48
















          Did you ever have any luck after adding the auth - I'm at the same point unfortunately.

          – Chris
          Feb 4 at 2:48





          Did you ever have any luck after adding the auth - I'm at the same point unfortunately.

          – Chris
          Feb 4 at 2:48



















          draft saved

          draft discarded
















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53312412%2fenable-cors-when-running-aws-sam-cli-locally%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          這個網誌中的熱門文章

          What does pagestruct do in Eviews?

          圖片
          0 I have a panel data with column name dateid and an ID variable crossid and several other variables over a period of time. What does the following command do in Eviews (I am very new to Eviews) pagestruct crossid @date(dateid) structure eviews share | improve this question edited Nov 12 at 4:19 asked Nov 8 at 9:13 Dom Jo 42 6 add a comment  |  0 I have a panel data with column name dateid and an ID variable crossid and several other variables over a period of time. What does the following command do in Eviews (I am very new to Eviews) pagestruct crossid @date(dateid) structure eviews share | improve this question edited Nov 12 at 4:19 asked Nov 8 at 9:13 Dom Jo 42 6 add a comment  |  0 0 0 I have a panel data with column name dateid and an ID variable crossid and several other variables over a period of time. Wh...
          閱讀完整內容

          Dutch intervention in Lombok and Karangasem

          圖片
          Dutch intervention in Lombok and Karangasem (1894) Attack of the Dutch on a Balinese stronghold in Lombok in 1894. Date July–November 1894 Location Lombok Result Decisive Dutch victory. Dutch control of Lombok and Karangasem. Belligerents Netherlands Eastern Sasak Lombok Mataram Western Sasak Commanders and leaders General-Major Jacobus Augustinus Vetter (Commander) General-Major P.P.H. van Ham (Second in command)   † Strength 2,200 (July expedition) Casualties and losses 500 (August 1894) 166 (November 1894) Thousands v t e Dutch interventions in Bali Northern Bali (1846) Northern Bali (1848) Bali (1849) Lombok and Karangasem (1894) Southern Bali (1906) Southern Bali (1908) v t e Dutch colonial campaigns 17th Century Bantam (1601) Malacca (1606) Cape Rachado (1606) Banda Islands (1621) Macau (1622) Pescadores (1622–1624) Bahia (1624) Persian Gulf (1625) Elmina (1625) Cuba (1628) Recife (1630) Albrolhos (1631) Liaoluo Bay (1633) Taiwan (1635–36) Lamey...
          閱讀完整內容

          Channel Islands

          圖片
          This article is about the Crown dependencies. For the islands off Southern California, see Channel Islands (California). For the French Channel Islands, see Chausey. Channel Islands Îles Anglo-Normandes    (French) Îles d'la Manche    (Norman) Satellite photo of the Channel Islands in 2012 Location of the Channel Islands Geography Location Western Europe Coordinates 49°26′N 2°19′W  /  49.433°N 2.317°W  / 49.433; -2.317 Coordinates: 49°26′N 2°19′W  /  49.433°N 2.317°W  / 49.433; -2.317 Adjacent bodies of water English Channel Total islands 8 inhabited Major islands Jersey and Guernsey Area 198 km 2 (76 sq mi) Highest point Les Platons Administration Bailiwick of Guernsey Capital and largest settlement Saint Peter Port, Guernsey Area covered 78 km 2 (30 sq mi;  7001394000000000000♠ 39.4%) Bailiwick ...
          閱讀完整內容