CODEWITHSUNDEEP
javascriptamazon-web-servicescorsaws-api-gateway
Cenxui
Cenxui

Reputation: 1403

Api Gateway cannot allow Access-Control-Allow-Origin

This url is in AWS API Gateway with method get and stage is well deployed. And I enabled CORS following the aws document.

Here are my steps to enable CORS.

-Resource->action->enable CORS-> default setting ->enable CORS and replacing the CORS headers. There is no error log in CORS result.

I am not a profesional web developer and my browser is safari.
Here is my code to query "http://my.com"

 function request(idex) {
 var xmlHttp = new XMLHttpRequest();
 xmlHttp.onreadystatechange = function() { 
    if (xmlHttp.status == 200)
        callback(xmlHttp.responseText);
 }
 xmlHttp.open("GET", "http://my.com", true);  
 xmlHttp.send(null);}

The console print the error : XMLHttpRequest cannot load "http://my.com" Origin http://example.com is not allowed by Access-Control-Allow-Origin.

If there are some mistakes in javascript request or in API Gateway deploy?

Upvotes: 2

Views: 2873

Answers (2)

Cenxui
Cenxui

Reputation: 1403

After consulting and trying each method, I found the error as following.

According to AWS document, we can not deploy our api before enabling CORS. All the settings about the header and CORS must be set before being deployed. But the API Gateway does not block this setting nor does it show any error dialog. API Gateway will not change the header even if your setting process shows success.

Upvotes: 3

Aniruddha Das
Aniruddha Das

Reputation: 21688

The cross origin problem is from server side not javascript side. When the server does not allow request from other domains it throws cross origin error. But you said you already added CORS in aws instance

As the javascript is only accessing the service from my.com, You need to added proper domain mapping in your my.com site to tell that request will come from another domain called example.com. might be the server is not properly configured. or try if server is expecting any header.

try to see the result in any rest client like soapui, rect client plugin in chrome, etc. once you confirm that there is no problem in server, try it from javascript

To test there is a chrome plugin you can try

https://chrome.google.com/webstore/detail/allow-control-allow-origi/nlfbmbojpeacfghkpbjhddihlkkiljbi?hl=en

Upvotes: 2

Related Questions