API Gateway CORS no Access-Control-Allow-Origin header

+3 votes

Although CORS has been set up through API Gateway and the Access-Control-Allow-Origin header is set, I still receive the following error when attempting to call the API from AJAX within Chrome:

XMLHttpRequest cannot load. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 403.

I attempted to GET the URL through Postman and it shows the above header is successfully passed:

Passed headers

And from the OPTIONS reponse:

Response headers

How can I call my API from the browser without reverting to JSON-P?

Oct 9, 2018 in AWS by eatcodesleeprepeat
 • 4,710 points 12,684 views

1 answer to this question.

+2 votes
Best answer

I get the same problem. I have used 10hrs to findout.

https://serverless.com/framework/docs/providers/aws/events/apigateway/

// handler.js

'use strict';

module.exports.hello = function(event, context, callback) {

const response = {
  statusCode: 200,
  headers: {
    "Access-Control-Allow-Origin" : "*", // Required for CORS support to work
    "Access-Control-Allow-Credentials" : true // Required for cookies, authorization headers with HTTPS 
  },
  body: JSON.stringify({ "message": "Hello World!" })
};

callback(null, response);
};
answered Oct 9, 2018 by Priyaj
 • 58,020 points
selected Dec 10, 2019 by Kalgi
Thank you!
You saved me so much trouble :)
commented Dec 10, 2019 by Shalakha
Hello @Shalakha, if the answer has helped you, please register at Edureka Community and upvote the answer.

Thank you!
commented Dec 10, 2019 by Edureka
 • 2,960 points

Related Questions In AWS

0 votes
0 answers

S3 - Access-Control-Allow-Origin Header

Did anyone manage to add Access-Control-Allow-Origin to ...READ MORE

Apr 19, 2022 in AWS by Rahul
 • 9,680 points 735 views
0 votes
1 answer

How to Enable CORS for an AWS API Gateway Resource

Since you're using Lambda Proxy integration for ...READ MORE

answered Jul 10, 2018 in AWS by Hammer
 • 360 points 4,063 views
0 votes
1 answer

Enable CORS for API Gateway in Cloudformation template

After some trial and error, I found ...READ MORE

answered Oct 9, 2018 in AWS by Priyaj
 • 58,020 points 8,124 views
+1 vote
1 answer

AWS API Gateway CORS ok for OPTIONS, fail for POST

The problem has been that the API ...READ MORE

answered Oct 9, 2018 in AWS by Priyaj
 • 58,020 points 5,319 views
0 votes
1 answer

How to make ApiGateway point to specific Lambda bias

You actually need to make changes to ...READ MORE

answered Dec 21, 2018 in AWS by Archana
 • 5,640 points 1,365 views
0 votes
1 answer

How can I return binary body and http headers from an AWS lambda through API gateway

I recently got this working after facing ...READ MORE

answered Sep 4, 2018 in AWS by Priyaj
 • 58,020 points 7,805 views
0 votes
1 answer

Get the names of different stages in an AWS Lambda function?

How to get the name of the ...READ MORE

answered Sep 27, 2018 in AWS by Priyaj
 • 58,020 points 3,235 views
0 votes
1 answer

how to access AWS S3 from Lambda in VPC

With boto3, the S3 urls are virtual by default, ...READ MORE

answered Sep 28, 2018 in AWS by Priyaj
 • 58,020 points 10,122 views
0 votes
1 answer

Fail to enable CORS for API Gateway functions

Firstly please select your root resource and ...READ MORE

answered Oct 9, 2018 in AWS by Priyaj
 • 58,020 points 9,387 views
0 votes
1 answer

CORS in AWS API Gateway + AWS Lambda

You could try downloading the AWS APIG ...READ MORE

answered Oct 9, 2018 in AWS by Priyaj
 • 58,020 points 4,082 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.