无法在Lambda + API网关+ Cloudfront层的Cloudfront上启用CORS [英] Can't enable CORS on Lambda + API Gateway + Cloudfront on the Cloudfront layer

问题描述

我已经部署了一个lambda，它本身在响应中返回了'Access-Control-Allow-Origin'：'*'标头。

I have deployed a lambda, which in itself returns an 'Access-Control-Allow-Origin': '*' header in it's response.

我从API网关调用它。

I call it from an API Gateway. When calling the API gateway URL, the CORS configuration is fine.

我将CloudFront放在API的前面，但是现在我无法作为CORS配置访问API似乎被CloudFront覆盖了，我不确定在CloudFront中的哪里添加自定义标头。

I placed CloudFront in front of the API, however now I am unable to access the API as the CORS configuration seems to be overridden by CloudFront, and I am not sure where to add custom headers in CloudFront.

如何在CloudFront中启用CORS？

How do you enable CORS inside CloudFront?

推荐答案

进入CloudFront发行版，单击行为，选择每个行为，然后单击编辑，您将看到标题为白名单标题的部分。选择 Access-Control-Request-Headers和 Access-Control-request-methods，然后单击添加，还添加 Origin（感谢Michael的帮助），右键单击是，编辑。

Go into your CloudFront distribution, click behaviours, select each behaviour and click edit, you'll see the section titled whitelist headers. Select 'Access-Control-Request-Headers' and 'Access-Control-request-methods' and click Add, also add Origin(thanks Michael for the catch), bottom right click "yes, edit".

编辑：请参阅下面有关防止缓存的响应的Michael评论。

please see Michael's comment below regarding preventing cached responses.

Voila。

这篇关于无法在Lambda + API网关+ Cloudfront层的Cloudfront上启用CORS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！