API Gateway CORS:没有“Access-Control-Allow-Origin"标头

API Gateway CORS: no #39;Access-Control-Allow-Origin#39; header(API Gateway CORS:没有“Access-Control-Allow-Origin标头)
本文介绍了API Gateway CORS:没有“Access-Control-Allow-Origin"标头的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

问题描述

虽然已经通过 API Gateway 设置了 CORS 并且设置了 Access-Control-Allow-Origin 标头,但在 Chrome 中尝试从 AJAX 调用 API 时仍然收到以下错误:

<块引用>

XMLHttpRequest 无法加载

并且来自 OPTIONS 响应:

如何在不恢复为 JSON-P 的情况下从浏览器调用我的 API?

解决方案

我遇到了同样的问题.我已经用了 10 个小时来找出答案.

https://serverless.com/framework/docs/providers/aws/events/apigateway/

//handler.js'使用严格';module.exports.hello = 函数(事件、上下文、回调){常量响应 = {状态码:200,标题:{"Access-Control-Allow-Origin" : "*",//需要 CORS 支持才能工作"Access-Control-Allow-Credentials" : true//cookie 需要,HTTPS 授权标头},正文: JSON.stringify({ "message": "Hello World!" })};回调(空,响应);};

Although CORS has been set up through API Gateway and the Access-Control-Allow-Origin header is set, I still receive the following error when attempting to call the API from AJAX within Chrome:

XMLHttpRequest cannot load http://XXXXX.execute-api.us-west-2.amazonaws.com/beta/YYYYY. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 403.

I attempted to GET the URL through Postman and it shows the above header is successfully passed:

And from the OPTIONS reponse:

How can I call my API from the browser without reverting to JSON-P?

解决方案

I get the same problem. I have used 10hrs to findout.

https://serverless.com/framework/docs/providers/aws/events/apigateway/

// handler.js

'use strict';

module.exports.hello = function(event, context, callback) {

const response = {
  statusCode: 200,
  headers: {
    "Access-Control-Allow-Origin" : "*", // Required for CORS support to work
    "Access-Control-Allow-Credentials" : true // Required for cookies, authorization headers with HTTPS 
  },
  body: JSON.stringify({ "message": "Hello World!" })
};

callback(null, response);
};

这篇关于API Gateway CORS:没有“Access-Control-Allow-Origin"标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

本站部分内容来源互联网,如果有图片或者内容侵犯了您的权益,请联系我们,我们会在确认后第一时间进行删除!

相关文档推荐

Show a progress bar for downloading files using XHR2/AJAX(显示使用 XHR2/AJAX 下载文件的进度条)
How do I get the HTTP status code with jQuery?(如何使用 jQuery 获取 HTTP 状态码?)
How to get response url in XMLHttpRequest?(如何在 XMLHttpRequest 中获取响应 url?)
WebKit quot;Refused to set unsafe header #39;content-length#39;quot;(WebKit “拒绝设置不安全的标头‘内容长度’)
$.ajax call working fine in IE8 and Doesn#39;t work in firefox and chrome browsers($.ajax 调用在 IE8 中运行良好,但在 Firefox 和 chrome 浏览器中不起作用)
How do I know if jQuery has an Ajax request pending?(我如何知道 jQuery 是否有待处理的 Ajax 请求?)