API网关和lambda代理cors问题
我的 API 网关 lambda 代理中存在 CORS 问题。我试图解决这个问题,但仍然得到 No 'Access-Control-Allow-Origin' header is present on the requested resources 或 Response to preflight request does not pass access control检查:请求的资源上不存在“Access-Control-Allow-Origin”标头。
我在前端使用 apollo 客户端,其中放置 'Access-Control-Allow-Origin': '*', header:
const authLink = setContext((operation, { headers }) => {
const token = window.localStorage.getItem('accessToken');
return {
headers: {
...headers,
authorization: `Bearer ${token}`,
'Access-Control-Allow-Origin': '*',
}}}
接下来,作为代理,我使用 'apollo-server-lambda',其中我有以下处理程序配置:
const handler = server.createHandler({
expressGetMiddlewareOptions: {
cors: {
origin: '*',
credentials: true,
},}});
我的 graphql API网关调用一些 lambda,每个 lambda 都包装在下面的包装器中:
export const middyfy = (handler: any) => {
return middy(handler).use(middyJsonBodyParser()).use(cors());
};
我的 graphql 代理无服务器配置看起来:
events: [
{
http: {
method: 'post',
path: '/',
integration: 'lambda-proxy',
cors: true,
},
},
{
http: {
method: 'get',
path: '/',
cors: true,
integration: 'lambda-proxy',
},
},
],
我的 API 网关选项配置: 
我将很高兴获得任何帮助
I have a problem with CORS in my API gateway lambda proxy. I was trying to struggle with this but still, I get No 'Access-Control-Allow-Origin' header is present on the requested resource or Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I use apollo client on frontend where I put 'Access-Control-Allow-Origin': '*', header:
const authLink = setContext((operation, { headers }) => {
const token = window.localStorage.getItem('accessToken');
return {
headers: {
...headers,
authorization: `Bearer ${token}`,
'Access-Control-Allow-Origin': '*',
}}}
Next, as a proxy, I use 'apollo-server-lambda' where I have below handler config:
const handler = server.createHandler({
expressGetMiddlewareOptions: {
cors: {
origin: '*',
credentials: true,
},}});
My graphql API gateway invokes some lambdas, every lambda is wrapped in below wrapper:
export const middyfy = (handler: any) => {
return middy(handler).use(middyJsonBodyParser()).use(cors());
};
My graphql proxy serverless configuration looks that:
events: [
{
http: {
method: 'post',
path: '/',
integration: 'lambda-proxy',
cors: true,
},
},
{
http: {
method: 'get',
path: '/',
cors: true,
integration: 'lambda-proxy',
},
},
],
My API gateway OPTIONS configuration:
I will be glad for any help
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
问题解决了,浏览器消息令人困惑。
最后,我遇到了错误:
否'访问 - 控制 - 柔和 - 孔素'标题都存在于请求的资源上。这很棘手,因为CORS并不是什么问题。我在授权标题中错了一个Cognito JWT令牌。最后,我不需要传递'access-control-allow-origin':'*',在前端侧,并在lambda侧使用CORS中间件。Problem solved, browser message was confusing.
In the end, I had the error:
No 'Access-Control-Allow-Origin' header is present on the requested resource. It was tricky because It wasn't any problem with CORS. I was passing wrong a Cognito JWT Token in my authorization header. Finally, I didn't need to pass'Access-Control-Allow-Origin': '*',on the frontend side and use cors middleware on the lambda side.