在Serverless框架中的yml文件中可以配置:
service: my-service
provider:
name: aws
runtime: nodejs14.x
environment:
ACCESS_CONTROL_ALLOW_ORIGIN: '*'
ACCESS_CONTROL_ALLOW_HEADERS: 'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'
ACCESS_CONTROL_ALLOW_METHODS: 'GET,OPTIONS'
CORS_INCLUDE_CREDENTIALS: true
apiGateway:
cors:
allowedOrigins:
- '*'
allowedHeaders:
- 'Content-Type'
- 'X-Amz-Date'
- 'Authorization'
- 'X-Api-Key'
- 'X-Amz-Security-Token'
allowCredentials: true
allowedMethods:
- 'GET'
- 'OPTIONS'
该配置将允许所有域名的GET请求,并允许发送超出标准请求头的请求,同时允许附带cookie,即允许跨域访问。
module.exports.handler = async (event, context) => {
const response = {
statusCode: 200,
headers: {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Headers': 'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token',
'Access-Control-Allow-Methods': 'GET,OPTIONS',
'Access-Control-Allow-Credentials': true
},
body: JSON.stringify({
message: 'Hello World!'
})
};
return response;
};
该代码将会在响应头信息中添加CORS策略,并允许跨域请求。