AWS Lambda 和 .Net Core WebAPI 的 Cors 错误 [英] Cors Error with AWS Lambda and .Net Core WebAPI

问题描述

我创建了一个 .Net Core、AWS Lambda WebAPI.在本地测试时，我遇到了 CORS 问题并添加了 CORS 策略以允许来自我的域的来源.这奏效了.该应用运行正常.

我需要帮助解决部署后出现的 cors 问题.部署到 AWS 后，我收到了众所周知的错误:

<预><代码>>从源访问https://myLambdaEndpoint"处的 XMLHttpRequest>http://myWebsite"已被 CORS 政策阻止:回应>预检请求未通过访问控制检查:否>请求中存在Access-Control-Allow-Origin"标头>资源.

这是我所做的:

我在 React 中使用 Axios 的请求:

axios.post(`myEndpoint`, { FirstName, LastName, Email }).then(res => {if(res.errors && res.errors.length > 0) console.log(res.errors);别的{this.setState({loading: false,registered: true});}}).catch(err => {alert(err); console.log(err)});}//也试过axios.post(`myEndpoint`, {headers: {'Access-Control-Allow-Origin': '*'}, FirstName, LastName, Email }).then(res => {if(res.errors && res.errors.length > 0) console.log(res.errors);别的{this.setState({loading: false,registered: true});}}).catch(err => {alert(err); console.log(err)});}

在 Startup.cs --> 配置服务

services.addCors()//也试过了services.AddCors(options =>{options.AddPolicy("AllowOrigin",建造者 =>{builder.WithOrigins("http://myWebsite").AllowAnyHeader().WithMethods("POST");});});

在 controller.cs 中

 [EnableCors(origins: "http://myWebsite", headers: "*", methods: "post")]

我针对 API 和网站的 s3 存储桶 cors 政策

<AllowedOrigin>myWebsite</AllowedOrigin><AllowedMethod>POST</AllowedMethod><AllowedHeader>*</AllowedHeader></CORSRule></CORSConfiguration>//也试过<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><CORSRule><AllowedOrigin>*</AllowedOrigin><AllowedMethod>POST</AllowedMethod><AllowedHeader>*</AllowedHeader></CORSRule></CORSConfiguration>

我也尝试在 aws 中向 lambda 函数添​​加触发器.

预检的状态代码是 500.还说Referer Policy: no-referer-when-downgrade"我想知道是不是这个问题?

响应头是:

<代码>>访问控制请求头:内容类型>访问控制请求方法:POST>来源:http://myWebsite.com>推荐人:http://myWebsite.com/

有人知道如何解决这个问题吗?我花了几个小时尝试和完成搜索.

解决方案

我解决了这个问题，不用感谢 Google 或 AWS 文档.

当我创建 .net core lambda 部署时，我还需要添加一个 API 网关，然后正确配置它.

在配置中，我需要设置用作资源的每个 http 方法，将其指向 lambda 函数，并设置其所有 http 状态响应.如果不这样做，api 网关将无法解析 cors.

希望这对其他人有帮助！

I've created a .Net Core, AWS Lambda WebAPI. Testing locally, I ran into a CORS issue and added a CORS policy to allow origins from my domain. This worked. The app functioned properly.

I need help resolving the cors issue that came after deployment. After deployment to AWS, I'm getting the well known error:

> Access to XMLHttpRequest at 'https://myLambdaEndpoint' from origin
> 'http://myWebsite' has been blocked by CORS policy: Response to
> preflight request doesn't pass access control check: No
> 'Access-Control-Allow-Origin' header is present on the requested
> resource.

Here's what I've done:

My request using Axios in React:

axios.post(`myEndpoint`, { FirstName, LastName, Email })
            .then(res => {
                if(res.errors && res.errors.length > 0) console.log(res.errors);
                else 
                {
                    this.setState({loading: false, registered: true});
                }
            })
            .catch(err => {alert(err); console.log(err)});
    } 

//Also tried

axios.post(`myEndpoint`, {headers: {'Access-Control-Allow-Origin': '*'}, FirstName, LastName, Email })
            .then(res => {
                if(res.errors && res.errors.length > 0) console.log(res.errors);
                else 
                {
                    this.setState({loading: false, registered: true});
                }
            })
            .catch(err => {alert(err); console.log(err)});
    }

in Startup.cs --> Configure Services

services.addCors()

// Also tried

services.AddCors(options =>
            {
                options.AddPolicy("AllowOrigin",
                builder =>
                {
                    builder.WithOrigins("http://myWebsite")
                        .AllowAnyHeader()
                        .WithMethods("POST");
                });
            });

in the controller.cs

        [EnableCors(origins: "http://myWebsite", headers: "*", methods: "post")]

my s3 bucket cors policy for the API as well as for the website

<CORSRule>
    <AllowedOrigin>myWebsite</AllowedOrigin>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>

//Also tried

<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>

I've tried adding triggers to the lambda function in aws as well.

Status code from the preflight is 500. Also says " Referer Policy: no-referer-when-downgrade" I'm wondering if that's the issue?

The response headers are:

> Access-Control-Request-Headers: content-type 
> Access-Control-Request-Method: POST  
> Origin: http://myWebsite.com 
> Referer: http://myWebsite.com/

Anyone know how to fix this? I've spent hours trying things and completing searches.

解决方案

I resolved the issue, no thanks to Google or the AWS documentation.

When I created the.net core lambda deployment I also needed to add an API gateway, and then configure it properly.

In the configuration, I needed to set up each http method I was using as a resource, point it to the lambda function, and set all of its http status responses. Without doing so, the api gateway wouldn't resolve cors.

Hope this helps others!

这篇关于AWS Lambda 和 .Net Core WebAPI 的 Cors 错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！