![]() ![]() ![]() When trying to call the lambda, chrome blocks the GET request with this error showing on the console: Response to preflight request doesn't pass access control check. Google Chrome used as browser (with its developer tools enabled to monitor things).Both API methods (actual API and its Authorizer) routed and published on the internet using AWS API Gateway, which in short is a way to pair your lambda with a public URL to call it from elsewhere.This is important as we'll see later, because due to some nonsense on AWS inner workings, sometimes you cannot use the standard HTTP Authorization header, and it defaults to using authorizationToken as they suggest in their documentation and samples (and changing it not always works, there are plenty of users reporting this in their forums). The above AWS Lambda is behind what AWS calls an "Authorizer", which is a function that runs before your lambda to check whatever authorization header you want to use to protect access to your API.This lambda is adding Access-Control-Allow-Origin:"*" header to its response. AWS Lambda Backend, that answers the GET with a JSON payload (coded in python, not important but anyways).ReactJS frontend, try to make a GET request using fetch javascript method, running on for development.Well, after looking into this for a day and checking several other answers I'm posting this because none quite fit my problem, with the hope it will help anyone else facing this.įirst, I'll summarize the several parts involved in the error and then how to fix it, without resorting to any "hackish" solution like bypassing CORS with a chrome extension, or using any 3rd party service, like many posts suggest. Also, there's a tweak to make if you use custom headers for authorization tokens for example. TL DR: There was a preflight request happening, it just wasn't showing on chrome (there's a way to make them show up). ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |