Reputation: 55
Google Cloud Function doesn't return the CORS headers I set using Go
I realize that there are similar questions (such as Google Cloud Functions enable CORS?), but their answers doesn't seem to be working for me.
The Google Cloud Function have the following response code:
func HelloWorld(w http.ResponseWriter, r *http.Request) {
[...]
response := make(map[string]interface{})
w.WriteHeader(http.StatusOK)
w.Header().Set("Content-Type", "application/json")
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Allow", "GET, OPTIONS")
w.Header().Set("Access-Control-Allow-Methods", "GET, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "*")
response["list"] = list
if err = json.NewEncoder(w).Encode(response); err != nil {
fmt.Println(err)
}
}
Normally I'd think it was enough with Access-Control-Allow-Origin", "*", but since it wasn't working then I included the others as well.
When I try to curl -v "https://us-central1-my-function.cloudfunctions.net/myfunction" then I get the following response:
[...]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
< HTTP/2 200
< content-type: text/plain; charset=utf-8
< function-execution-id: ivz4zonw37d1
< x-cloud-trace-context: b6929d3ddf88dc102f6f1f069404aeaa;o=1
< date: Wed, 25 Mar 2020 20:00:52 GMT
< server: Google Frontend
[...]
When I try to call the cloud function from my local vuejs application, then I get the following error: Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://us-central1-my-function.cloudfunctions.net/myfunction. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
Upvotes: 1
Views: 426
Answers (1)
Reputation: 8074
This is the standard form that your cloud function should have. It should check for OPTIONS method sent by the preflight request and set the heathers. Then it should send the heathers for the main request.
Here you can find more information:
// Package http provides a set of HTTP Cloud Functions samples.
package http
import (
"fmt"
"net/http"
)
// CORSEnabledFunction is an example of setting CORS headers.
// For more information about CORS and CORS preflight requests, see
// https://developer.mozilla.org/en-US/docs/Glossary/Preflight_request.
func CORSEnabledFunction(w http.ResponseWriter, r *http.Request) {
// Set CORS headers for the preflight request
if r.Method == http.MethodOptions {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "POST")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
w.Header().Set("Access-Control-Max-Age", "3600")
w.WriteHeader(http.StatusNoContent)
return
}
// Set CORS headers for the main request.
w.Header().Set("Access-Control-Allow-Origin", "*")
fmt.Fprint(w, "Hello, World!")
}
Upvotes: 3
Related Questions
- Enabling CORS in Cloud Functions for Firebase
- Google Cloud Functions enable CORS?
- Google Cloud function with Nodejs runtime not working for CORS and async
- Cloud function post cors issue
- Cors not being enabled for firebase cloud functions
- google cloud function python CORS error No 'Access-Control-Allow-Origin' header is present on the requested resource.
- Firebase Cloud Functions: Cors examples don't work
- Access-Control-Allow-Origin not working Google Cloud Functions GCF
- cors error within a cloud function
- Unable to add cors to gcp function