We have a bunch of API endpoints set up in serverless.yml that need to support CORS.
This configuration works:
functions:
function1:
handler: api.refresh
events:
- http:
path: function1
method: post
cors:
origin: '*'
headers:
- Content-Type
- X-Amz-Date
- Authorization
- X-Api-Key
- X-Amz-Security-Token
- X-Amz-User-Agent
But that means we need to duplicate the list of our custom CORS headers for each function - potentially dozens of places we need to update this as soon as we add a new header.
How do we specify the allowed CORS headers once and have them apply to all functions? Ideally we could also automatically make all functions have CORS enabled at the same time.
Currently, serverlessjs does not support to set cors for all function at once, you have to enable cors for each function event.
In the normal way, you just define the cors setting once and apply it for the functions (like a variable)
# ...
custom:
defaultCors:
origin: "*"
headers:
- Content-Type
- X-Amz-Date
- Authorization
- X-Api-Key
- X-Amz-Security-Token
- X-Amz-User-Agent
# ...
functions:
function1:
handler: api.refresh
events:
- http:
path: function1
method: post
cors: ${self:custom.defaultCors}