SAM app deploy gives preflight error but if I create OPTIONS method in aws apigateway console my preflight passes
I'm using SAM to create an API in cloudformation.
QUESTION: Where in my SAM application template do I add the 'X-Requested-With' header? How can I edit my code so that the preflight will succeed without me having to go into the AWS console?
PROBLEM: I'm working with my preflight request and when I deploy my SAM application I get 403 FORBIDDEN in postman and when I go to the AWS console the header 'X-Requested-With' is not present.
If I try to just add the 'X-Requested-With' header afterward in the console it still gives the error, BUT if I delete the OPTIONS method in the console and create the OPTIONS method from scratch according to (https://enable-cors.org/server_awsapigateway.html) it works and I get a 200 OK in postman.
CODE:
template.yaml
Globals:
Function:
Timeout: 10
Api:
Cors:
AllowMethods: "'DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT'"
AllowHeaders: "'Content-Type,X-Amz-Date,X-Amz-Security-Token,Authorization,X-Api-Key,X-Requested-With,Accept,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Allow-Headers'"
AllowOrigin: "'*'"
Resources:
MyApi:
Type: AWS::Serverless::Api
Properties:
StageName: Prod
Auth:
ApiKeyRequired: true
MyFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: mypath/
Handler: app.lambdaHandler
Runtime: nodejs12.x
Events:
KrySeisoen:
Type: Api
Properties:
RestApiId: !Ref MyApi
Path: /mypath
Method: get
Policies:
- ...
VpcConfig:
SecurityGroupIds:
- ...
SubnetIds:
- ...
So I was barking up the wrong tree.
The problem that I was having was not with the 'X-Requested-With' header, but rather the fact that my SAM application was setting the ApiKeyRequired to true for all the methods.
All I had to do was to set the ApiKeyRequired to false for all the options methods.
Here is a link to another question with the solution to my problem. Preflight response 403 forbidden. How can I allow options method without x-api-key?
- Why does 1.0/100.0 == 0.1/10.0 give True?
- How to organize the receive msg and user current input in C network such that it's clean
- Using inclusive scan syntax in OpenMP in the C language
- Unable to understand context in book "OOP in C" by Axel Schreiner
- How to dereference member from struct in which the definition is hid from user?
- variable-length array in struct with TI compiler in C (socket programming)
- A faster way to test 32bpp DDBs for a valid Alpha channel
- How can I compile the zephyr example-application as a freestanding application?
- Why does my forked process sometimes overwrite data in a file?
- Why in C can I initialize more values than the size of an array?
- _Generic in C needs typecasting?
- Declaring/defining an unused variable changes the output from an unrelated variable
- How to use gdb to explore the stack/heap?
- How can I read an input string of unknown length?
- Confused by difference between expression inside if and expression outside if
- Fast Arc Cos algorithm?
- Discrepancy of `unsigned long` size between llvm and gcc in riscv32
- GCC (C) - error: 'x' redeclared as different kind of symbol
- Why does GCC’s static analyser falsely warn that a pointer to an allocated memory block itself stored in an allocated memory block may leak?
- c language gcc compiler *.i file #3 "" 2 what is this?
- How to make clang compile to llvm IR
- Hashtable implementation in C
- EFI variables or config file on the EFI partition for EFI application?
- Pack high bit of every byte in ARM, for 64 bytes like AVX512 vpmovb2m?
- Calling an external C function (in a shared lib) from Perl with Inline::C does not work
- Can a C program detect if its own source code has been modified?
- Is this declaration UB?
- Eclipse C/C++ how to find variable belongs to which struct quickly
- Is this truly best way to delete last element in C?
- flint/arb.h: No such file or directory