dougmoscrop / serverless-http

Use your existing middleware framework (e.g. Express, Koa) in AWS Lambda 🎉
Other
1.74k stars 167 forks source link

Response body breaks with cors middlewares usage. #151

Open niteshgrg opened 4 years ago

niteshgrg commented 4 years ago

Response body which is a valid json becomes something of sort. WHile using with serverless cors:true and cors middleware.

"HTTP/1.1 201 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Type: application/json; charset=utf-8 Content-Length: 979 ETag: W/"3d3-lsMbiatDuk11/kGt2lF+ji87gW8" Date: Sun, 19 Apr 2020 06:07:04 GMT Connection: keep-alive

{..json }"

sometimescool22 commented 4 years ago

Getting this even without CORS. Copied from https://serverless.com/blog/serverless-express-rest-api/

const serverless = require('serverless-http');
const express = require('express')

const app = express()

app.get('/', function (req, res) {
  res.send('Hello World!')
})

module.exports.handler = serverless(app);
functions:
  server:
    handler: src/server.handler
    # timeout: 30
    events:
      - http: ANY /
      - http: 'ANY {proxy+}'

First request is normal, then it returns the headers like above.

dougmoscrop commented 4 years ago

What versions of everything?

On Mon., Apr. 20, 2020, 7:13 p.m. Harry, notifications@github.com wrote:

Getting this even without CORS. Server:

import serverless from 'serverless-http'import express from 'express' const app = express();

app.get('/', async (req, res) => { res.send("hello world") }) export const main = serverless(app);

functions: server: handler: dist/server.main events:

  • http: ANY /
  • http: 'ANY {proxy+}'

First request is normal, then it returns the headers like above.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/dougmoscrop/serverless-http/issues/151#issuecomment-616858598, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAEPGFFL76YZO72L543KCSDRNTJIZANCNFSM4MLVBG3Q .

Fatxx commented 4 years ago

I'm facing a similar issue, in development and at the first request the body is a well-formatted json after that it seems to add the headers into the response body.

Screenshot 2020-04-29 at 10 12 43

As you can see the headers seem to be added to the response body somehow which invalidates the JSON body:

Screenshot 2020-04-29 at 10 12 09

I'm using just a simple expressjs endpoint which returns an object:

const app = express();
app.use(express.json({ limit: '10mb' }));
app.post('/validate-license', async (req, res) => {
 return res.send({id: "", key: "", ...})
})

Also with the following serverless.yml:

provider:
  name: aws
  runtime: nodejs12.x

functions:
  licenseServer:
    handler: index.handler
    events:
      - http:
          path: /
          method: ANY
          cors: true
      - http:
          path: /{any+}
          method: ANY
          cors: true
Fatxx commented 4 years ago

I tried this with versions 2.3.2 and 2.0.0

mark-carrington commented 4 years ago

Is there any update on this issue? I'm seeing this with the following versions: serverless: 1.67.3 serverless-http: 2.3.2

I also noticed this occurring without CORS. I tried stripping the code right back to the following (and still saw the issue):

import serverless from 'serverless-http'
import express from 'express'

const app = express()
app.get('/news', (req, res) => res.status(200).json({“message”: “hello world"})

const handler = serverless(app)
module.exports.handler = async (event, context) => {
  const result = await handler(event, context)
  return result
}

With the following serverless.yml:

provider:
  name: aws
  runtime: nodejs12.x

functions:
    app:
        handler: src/app.handler
        events:
            - http:
                  path: /
                  method: get
                  private: true
            - http:
                  path: /{proxy+}
                  method: get
                  private: true
    getNews:
        handler: src/app.handler
        events:
            - http:
                  path: /news/{proxy+}
                  method: get
                  private: true
csuermann commented 4 years ago

I'm experiencing the same issue with these versions:

serverless: 1.67.3 serverless-http: 2.5.0 express: 4.17.1

Cold-starts behave like expected but subsequent requests include header duplications as part of the body.

1st request (cold-start)

curl --location -i --request POST 'https://xxxxx.execute-api.eu-central-1.amazonaws.com/dev/foo'

HTTP/2 200 
content-type: text/xml; charset=utf-8
content-length: 479
date: Fri, 05 Jun 2020 11:58:34 GMT
x-amzn-requestid: 8ce24e23-3dda-4f0a-b2c0-c529f5da26f5
x-amzn-remapped-content-length: 479
x-amz-apigw-id: Npi4TG-AliAGs5g=
etag: W/"1df-8OH65yBjlV5aKoyDEt4SeA+4A0I"
x-powered-by: Express
x-amzn-trace-id: Root=1-6eda3368-1817e362a9b35e9ae15c8c74;Sampled=0
x-cache: Miss from cloudfront
via: 1.1 117c54f007fbf41fc2a4bbbd8e88fc31.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: tpQHTYt_bmUkCa_4BxosgZbjzSc5NaF3cHUgUYJIm8-1Yk3uoFgiew==

<?xml version="1.0" encoding="UTF-8"?><foo><bar></bar</foo>%

subsequent requests

curl --location -i --request POST 'https://xxxxx.execute-api.eu-central-1.amazonaws.com/dev/foo'

HTTP/2 200 
content-type: text/xml; charset=utf-8
content-length: 685
date: Fri, 05 Jun 2020 11:36:01 GMT
x-amzn-requestid: 5d71548d-9a61-4fd1-b346-a2c735faa063
x-amzn-remapped-content-length: 479
x-amz-apigw-id: NpwlKMNGFiAEoHg=
etag: W/"1df-5JxnLUWg3mxL4XsqY+aTm9fLyps"
x-powered-by: Express
x-amzn-trace-id: Root=1-5fda2e20-6611d65472a90ccc2b8d31d8;Sampled=0
x-cache: Miss from cloudfront
via: 1.1 e64eb476d8f76d461d21278e018e195f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DtoP4_Iiaux2ecnWyvKR5uoD5YjI3boqw62XNQpzf-kxBeGfLW6f0A==

HTTP/1.1 200 OK
X-Powered-By: Express
Content-Type: text/xml; charset=utf-8
Content-Length: 479
ETag: W/"1df-5JxnLUWg1mxL4XsqY+aTl9fLyps"
Date: Fri, 05 Jun 2020 11:36:01 GMT
Connection: keep-alive

<?xml version="1.0" encoding="UTF-8"?><foo><bar></bar</foo>%
dougmoscrop commented 4 years ago

Is it reproducible every time or at least often? Can you push a repo or gist?

csuermann commented 4 years ago

The observed behavior was totally reproducible. But when I set up a new repo to share here, it suddenly worked. My guess is that something with the dependencies was wrong (perhaps unmet peer dependencies?) and got fixed by npm install. I apologize for any inconvenience.

dougmoscrop commented 4 years ago

No need to apologize, I would prefer to know/fix if possible, is there any chance you could try to take your package.json, strip any ~ and ^ and do another npm install? It won't help with transitive dependencies, but that might be a clue.