发出选项请求时,AWS API网关错误

时间:2019-04-13 15:29:15

标签: amazon-web-services cors aws-api-gateway preflight

我正在使用CFT为我的API创建环境。我为CORS添加了OPTIONS。我注意到从AWS console for OPTIONS进行测试时,我得到200的答复。但是,当我从CURL or PostMan执行相同操作时,却收到500内部服务器错误。在审查了与之相关的问题之后。我已经修改了对CONVERT_TO_TEXT的集成响应。但这也不能解决问题。

我注意到日志中有有线行为。以下是从AWS控制台请求的日志片段:

Sat Apr 13 15:06:26 UTC 2019 : Method request headers: { Access-Control-Request-Method= POST, Content-Type= application/json}
Sat Apr 13 15:06:26 UTC 2019 : Method request body before transformations: 
Sat Apr 13 15:06:26 UTC 2019 : Method response body after transformations: 
Sat Apr 13 15:06:26 UTC 2019 : Method response headers: {X-Requested-With=*, Access-Control-Allow-Headers=Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-requested-with, Access-Control-Allow-Origin=*, Access-Control-Allow-Methods=POST,OPTIONS, Content-Type=application/json}
Sat Apr 13 15:06:26 UTC 2019 : Successfully completed execution
Sat Apr 13 15:06:26 UTC 2019 : Method completed with status: 200

但是当我从CRUL或PM中给出相同的请求时,我看到以下日志:

Method request path: {}
Method request query string: {}
Method request headers:  Method request headers: {Accept=*/*, CloudFront-Viewer-Country=IN, CloudFront-Forwarded-Proto=https, CloudFront-Is-Tablet-Viewer=false, CloudFront-Is-Mobile-Viewer=false, User-Agent=curl/7.55.1, X-Forwarded-Proto=https, CloudFront-Is-SmartTV-Viewer=false, Host=MYHOST, X-Forwarded-Port=443,   (CloudFront), Access-Control-Request-Method=POST, CloudFront-Is-Desktop-Viewer=true, Content-Type=application/json}
Method request body before transformations: [Binary Data]
Execution failed due to configuration error: Unable to transform request
Method completed with status: 500

我们可以看到它正在尝试转换[Binary Data],但我没有发送任何内容。

我使用的卷曲:curl -X OPTIONS -H "Access-Control-Request-Headers: Content-Type" -H "Access-Control-Request-Method: POST" -H "Access-Control-Allow-Origin: '*'" -v MYHOST

为什么我在日志中看到这种差异?我的配置出了什么问题?你能帮我吗?

更新:我正在使用下面的CFT

Type: AWS::ApiGateway::Method
Properties:
  AuthorizationType: NONE
  HttpMethod: OPTIONS
  Integration:
    Type: MOCK
    IntegrationResponses:
    - StatusCode: 200
      ResponseParameters:
        method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
        method.response.header.Access-Control-Allow-Methods: "'DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT'"
        method.response.header.Access-Control-Allow-Origin: "'*'"
    RequestTemplates:
      application/json:
        Fn::Join:
        - ''
        - - "{"
          - ' {"statusCode":200} '
          - "}"
  MethodResponses:
  - StatusCode: 200
    ResponseParameters:
      method.response.header.Access-Control-Allow-Headers: true
      method.response.header.Access-Control-Allow-Methods: true
      method.response.header.Access-Control-Allow-Origin: true

1 个答案:

答案 0 :(得分:1)

对于接缝,将contentHandling: CONVERT_TO_TEXT参数添加到集成请求和集成响应设置这两个方面的要求较少。

在大摇大摆的情况下,CORS配置看起来像这样:

responses: {
  200: {
    description: "Returning CORS headers",
    headers: {
      "Access-Control-Allow-Headers":{ type: "string" },
      "Access-Control-Allow-Methods": { type: "string" },
      "Access-Control-Allow-Origin": { type: "string" },
    }
  }
},
"x-amazon-apigateway-integration": {
  type: "mock",
  contentHandling: "CONVERT_TO_TEXT", // Resolves problems with cloudfront binary content issues
  requestTemplates: {
    "application/json": "{ \"statusCode\": 200 }"
  },
  responses: {
    "default": {
      statusCode: "200",
      contentHandling: "CONVERT_TO_TEXT", // Resolves problems with cloudfront binary content issues
      responseParameters: {
        "method.response.header.Access-Control-Allow-Headers": "'*'",
        "method.response.header.Access-Control-Allow-Methods" : "'*'",
        "method.response.header.Access-Control-Allow-Origin" : "'*'"
      },
      responseTemplates: {
        "application/json": "{}"
      }
    }
  }
}