被CORS政策封锁:没有'Access-Control-Allow-Origin'。怎么修

时间:2019-10-10 15:36:09

标签: ajax aws-lambda cors aws-api-gateway

我正在尝试使用AJAX调用从浏览器中访问API,并且在浏览器中看到了这一点。 

Access to XMLHttpRequest at 'https://.......us-east-1.amazonaws.com/...' from origin 'https://....cloudfront.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

后端实际上是一个AWS Lambda。那么我应该在客户端还是在服务器端修复此问题?

1 个答案:

答案 0 :(得分:0)

将标题设置为您的LAMBDA响应。 

var response = {
        statusCode: 200,
        headers: {
            "Access-Control-Allow-Headers" : "*",
            "Access-Control-Allow-Origin": "*"
        },
        body: JSON.stringify(data)
};

您可以设置要允许的Access-Control-Allow-Headers个特定标头,而不是*(全部)和域。

相关问题
最新问题