bac*_*ack 6 amazon-web-services cors preflight aws-api-gateway
我正在使用 CFT 为我的 API 创建环境。我已经添加了 CORS 选项。我注意到当我进行测试时AWS console for OPTIONS我收到了200回复。但是,当我执行相同操作时,CURL or PostMan我收到500内部服务器错误。在审查了与之相关的问题后。我已将集成响应修改为 CONVERT_TO_TEXT。但这也没有解决问题。
我注意到日志中存在有线行为。以下是来自 AWS 控制台的请求的日志片段:
Sat Apr 13 15:06:26 UTC 2019 : Method request headers: { Access-Control-Request-Method= POST, Content-Type= application/json}
Sat Apr 13 15:06:26 UTC 2019 : Method request body before transformations:
Sat Apr 13 15:06:26 UTC 2019 : Method response body after transformations:
Sat Apr 13 15:06:26 UTC 2019 : Method response headers: {X-Requested-With=*, Access-Control-Allow-Headers=Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-requested-with, Access-Control-Allow-Origin=*, Access-Control-Allow-Methods=POST,OPTIONS, Content-Type=application/json}
Sat Apr 13 15:06:26 UTC 2019 : Successfully completed execution
Sat Apr 13 15:06:26 UTC 2019 : Method completed with status: 200
但是当我从 CRUL 或 PM 发出相同的请求时,我看到以下日志:
Method request path: {}
Method request query string: {}
Method request headers: Method request headers: {Accept=*/*, CloudFront-Viewer-Country=IN, CloudFront-Forwarded-Proto=https, CloudFront-Is-Tablet-Viewer=false, CloudFront-Is-Mobile-Viewer=false, User-Agent=curl/7.55.1, X-Forwarded-Proto=https, CloudFront-Is-SmartTV-Viewer=false, Host=MYHOST, X-Forwarded-Port=443, (CloudFront), Access-Control-Request-Method=POST, CloudFront-Is-Desktop-Viewer=true, Content-Type=application/json}
Method request body before transformations: [Binary Data]
Execution failed due to configuration error: Unable to transform request
Method completed with status: 500
我们可以看到它正在尝试改变,[Binary Data]但我没有发送任何内容。
我用的卷曲:curl -X OPTIONS -H "Access-Control-Request-Headers: Content-Type" -H "Access-Control-Request-Method: POST" -H "Access-Control-Allow-Origin: '*'" -v MYHOST
为什么我在日志中看到这种差异?我的配置出了什么问题?你能帮助我吗。
更新:我正在使用以下 CFT
Type: AWS::ApiGateway::Method
Properties:
AuthorizationType: NONE
HttpMethod: OPTIONS
Integration:
Type: MOCK
IntegrationResponses:
- StatusCode: 200
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
method.response.header.Access-Control-Allow-Methods: "'DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT'"
method.response.header.Access-Control-Allow-Origin: "'*'"
RequestTemplates:
application/json:
Fn::Join:
- ''
- - "{"
- ' {"statusCode":200} '
- "}"
MethodResponses:
- StatusCode: 200
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: true
method.response.header.Access-Control-Allow-Methods: true
method.response.header.Access-Control-Allow-Origin: true
小智 4
似乎有一个较少记录的要求将contentHandling: CONVERT_TO_TEXT参数添加到集成请求和集成响应设置。
在 swagger 中,CORS 配置看起来像这样:
responses: {
200: {
description: "Returning CORS headers",
headers: {
"Access-Control-Allow-Headers":{ type: "string" },
"Access-Control-Allow-Methods": { type: "string" },
"Access-Control-Allow-Origin": { type: "string" },
}
}
},
"x-amazon-apigateway-integration": {
type: "mock",
contentHandling: "CONVERT_TO_TEXT", // Resolves problems with cloudfront binary content issues
requestTemplates: {
"application/json": "{ \"statusCode\": 200 }"
},
responses: {
"default": {
statusCode: "200",
contentHandling: "CONVERT_TO_TEXT", // Resolves problems with cloudfront binary content issues
responseParameters: {
"method.response.header.Access-Control-Allow-Headers": "'*'",
"method.response.header.Access-Control-Allow-Methods" : "'*'",
"method.response.header.Access-Control-Allow-Origin" : "'*'"
},
responseTemplates: {
"application/json": "{}"
}
}
}
}
| 归档时间: |
|
| 查看次数: |
4939 次 |
| 最近记录: |