使用AWS API Gateway请求验证程序时启用CORS [英] Enable CORS when using AWS API Gateway Request Validator

问题描述

我成功设置了带有CORS的AWS API Gateway，当请求有效时，我有200状态代码以及CORS标头，这很好.

I setup AWS API Gateway with CORS successfully, when a request is valid I have a 200 status code and also CORS headers, that's nice.

但是当AWS API Gateway Request Validator检测到无效输入时，我的状态码为400，但未发送CORS标头...

But when AWS API Gateway Request Validator detects an invalid input, I have the status code is 400 but CORS headers are not sent...

这真的很不幸，因为客户看到的是CORS错误，而不是真正的400错误(例如fetch的例子，由于CORS错误，客户无法区分400错误).

That's really unfortunate, because the client sees a CORS errors instead of a real 400 error (for exemple with fetch the client is not able to distinguish 400 errors because of CORS errors).

此问题可能与从AWS API网关请求验证程序获取详细的错误消息

推荐答案

我通过讨论使用无服务器来部署CORS服务并处理从API网关抛出的错误来解决这个问题:

I came to this answer through a discussion about using serverless to deploy CORS services and dealing with errors thrown from API Gateway: https://github.com/serverless/serverless/issues/3896#issuecomment-333910525

基本上，您需要转到API网关，选择您的API，然后选择网关响应.然后，您可以为任何4XX或5XX响应添加标题.

Basically, you need to go to API Gateway, select your API, then select Gateway Responses. You can then add headers for any 4XX or 5XX response.

这将允许从API Gateway抛出400个错误以与CORS一起使用，因为您在此处添加了所需的标头.

This will allow 400 errors thrown from API Gateway to work with CORS, since you're adding the needed headers here.

这篇关于使用AWS API Gateway请求验证程序时启用CORS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！