我正在使用CFT为我的API创建环境。我为CORS添加了OPTIONS。我注意到从AWS console for OPTIONS
进行测试时,我得到200
的答复。但是,当我从CURL or PostMan
执行相同操作时,却收到500
内部服务器错误。在审查了与之相关的问题之后。我已经修改了对CONVERT_TO_TEXT的集成响应。但这也不能解决问题。
我注意到日志中有有线行为。以下是从AWS控制台请求的日志片段:
Sat Apr 13 15:06:26 UTC 2019 : Method request headers: { Access-Control-Request-Method= POST, Content-Type= application/json}
Sat Apr 13 15:06:26 UTC 2019 : Method request body before transformations:
Sat Apr 13 15:06:26 UTC 2019 : Method response body after transformations:
Sat Apr 13 15:06:26 UTC 2019 : Method response headers: {X-Requested-With=*, Access-Control-Allow-Headers=Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-requested-with, Access-Control-Allow-Origin=*, Access-Control-Allow-Methods=POST,OPTIONS, Content-Type=application/json}
Sat Apr 13 15:06:26 UTC 2019 : Successfully completed execution
Sat Apr 13 15:06:26 UTC 2019 : Method completed with status: 200
但是当我从CRUL或PM中给出相同的请求时,我看到以下日志:
Method request path: {}
Method request query string: {}
Method request headers: Method request headers: {Accept=*/*, CloudFront-Viewer-Country=IN, CloudFront-Forwarded-Proto=https, CloudFront-Is-Tablet-Viewer=false, CloudFront-Is-Mobile-Viewer=false, User-Agent=curl/7.55.1, X-Forwarded-Proto=https, CloudFront-Is-SmartTV-Viewer=false, Host=MYHOST, X-Forwarded-Port=443, (CloudFront), Access-Control-Request-Method=POST, CloudFront-Is-Desktop-Viewer=true, Content-Type=application/json}
Method request body before transformations: [Binary Data]
Execution failed due to configuration error: Unable to transform request
Method completed with status: 500
我们可以看到它正在尝试转换[Binary Data]
,但我没有发送任何内容。
我使用的卷曲:curl -X OPTIONS -H "Access-Control-Request-Headers: Content-Type" -H "Access-Control-Request-Method: POST" -H "Access-Control-Allow-Origin: '*'" -v MYHOST
为什么我在日志中看到这种差异?我的配置出了什么问题?你能帮我吗?
更新:我正在使用下面的CFT
Type: AWS::ApiGateway::Method
Properties:
AuthorizationType: NONE
HttpMethod: OPTIONS
Integration:
Type: MOCK
IntegrationResponses:
- StatusCode: 200
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
method.response.header.Access-Control-Allow-Methods: "'DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT'"
method.response.header.Access-Control-Allow-Origin: "'*'"
RequestTemplates:
application/json:
Fn::Join:
- ''
- - "{"
- ' {"statusCode":200} '
- "}"
MethodResponses:
- StatusCode: 200
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: true
method.response.header.Access-Control-Allow-Methods: true
method.response.header.Access-Control-Allow-Origin: true
答案 0 :(得分:1)
对于接缝,将contentHandling: CONVERT_TO_TEXT
参数添加到集成请求和集成响应设置这两个方面的要求较少。
在大摇大摆的情况下,CORS配置看起来像这样:
responses: {
200: {
description: "Returning CORS headers",
headers: {
"Access-Control-Allow-Headers":{ type: "string" },
"Access-Control-Allow-Methods": { type: "string" },
"Access-Control-Allow-Origin": { type: "string" },
}
}
},
"x-amazon-apigateway-integration": {
type: "mock",
contentHandling: "CONVERT_TO_TEXT", // Resolves problems with cloudfront binary content issues
requestTemplates: {
"application/json": "{ \"statusCode\": 200 }"
},
responses: {
"default": {
statusCode: "200",
contentHandling: "CONVERT_TO_TEXT", // Resolves problems with cloudfront binary content issues
responseParameters: {
"method.response.header.Access-Control-Allow-Headers": "'*'",
"method.response.header.Access-Control-Allow-Methods" : "'*'",
"method.response.header.Access-Control-Allow-Origin" : "'*'"
},
responseTemplates: {
"application/json": "{}"
}
}
}
}