Open talawahtech opened 5 years ago
Hi talawahtech,
I had a similar issue recently and I noticed that the CORS headers, when added using GatewayResponses on a Aws::Serverless::Api are present only if I manually re-deploy the api.
A second option might be to add the GatewayResponses to your aws::serverless::api resource (I guess you're using this type?), as per this sam release: https://github.com/awslabs/serverless-application-model/releases/tag/v1.11.0 (as in this example: https://github.com/awslabs/serverless-application-model/blob/master/examples/2016-10-31/api_gateway_responses/template.yaml). This, however, doesn't currently validate, and raises an InvalidResourceException (see these issues: https://github.com/awslabs/serverless-application-model/issues/939, and https://github.com/awslabs/aws-sam-cli/issues/1198).
I hope this helps
I have also encountered this issue, and only had limited success with eulogio-gutierrez's suggestion of rolling the config into the Api resource.
When updating an already-deployed application which detects a change to an AWS::Serverless::Api
, it does not include the AWS::ApiGateway::GatewayResponse
unless there is also a change to that object. My initial deployment would include the header values, but then any subsequent deployment that included a AWS::ApiGateway::Deployment
, wiped the header values out.
This seems to be supported in SAM, but not in SAM-CLI. Is that correct? Is there a resource that shows what SAM-CLI can and can't do with respect to SAM? I spent hours trying to get GatewayResponses to work locally with SAM-CLI...
Are there plans to add support for this to SAM-CLI?
Any progress about this issue? I think that I'm currently facing the same issue as @PaulMaas.
I will appreciate any information đź‘Ť
Description
If I create a
AWS::Serverless::Function
that is triggered by an API Gateway event, and an unhandled exception occurs in my code, the error message sent back to the user is a 502 Bad Gateway error from the API Gateway. Unfortunately this error message doesn't have any CORS headers by default, so if the webpage that called the endpoint is not on the same domain as the API Gateway, a CORS error will also be triggered in the browser.Previously when I used the serverless framework I would address this issue by creating a CloudFormation resource to set the
DEFAULT_5XX
Gateway Response for that particular API. For some reason doing so doesn't seem to have any effect for APIs created using sam-cli.Steps to reproduce
1) Create a
AWS::Serverless::Function
with an event of typeApi
and throw an exception when the function is called.2) Add the following resource to template.yaml
Observed result
No CORS headers are present on the 502 response from the API endpoint
Expected result
CORS headers should be present on the 502 response from the API endpoint
I am not sure if this has something to do with the fact that sam-cli uses embedded swagger templates when defining the RestApi, but that would be my first guess. I am just looking for a way to address the issue, even if it is another workaround