Cloudfront not forwarding requests to API Gateway (403 Forbidden) - aws-api-gateway

I have a custom Lambda function that I set up with API Gateway. When invoking the API gateway resource path with Postman the Lambda gets invoked and does what it should. I enabled CORS on the API Gateway and didn't forget to deploy.
On Cloudfront I set up API Gateway as origin. Also I set up a cache behavior that forwards the headers as you can see in the following screenshot.
The response when invoking the endpoint in Cloudfront is the following:
I also tried removing the Host header, which leads to the same error code but with "MissingAuthenticationToken" as the error reason. Because I found on the internet that CORS might be a reason for this, I also tried setting the CORS headers in the response of my Lambda function, which also didn't help.
I'm out of ideas right now. Does anyone know how to help? I had nothing but trouble with Cloudfront so far.

Related

How to Pass All Viewer Headers from CloudFront to API Gateway?

I have a CloudFront distribution that forwards all requests to API Gateway. I want my CloudFront distribution to forward all viewer headers to API Gateway.
I tried adding the managed AllViewer Origin request policy, but when sending a request to the distribution, I get { "message": "Forbidden" }.
I found out from a different Stack Overflow question that the reason that happens is because of the Host header being the cloudfront domain that is forwarded to my API gateway.
I tried adding a custom Host header to the cloudfront distribution to fix the issue, but the Host header is one of the custom headers that CloudFront can’t add to origin requests.
How can I forward all request headers to the API Gateway without specifying each one individually in a custom origin request policy?
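The Host-header cause described in the question above can be checked from a distribution's configuration. The following is an added Python example, not part of the original posts: it flags cache behaviors that forward the viewer's Host header to an execute-api origin. The dictionaries follow the shape of CloudFront's distribution and origin request policy configs; all ids and hostnames are constructed.

```python
import re
# Default API Gateway endpoint hostnames: <api-id>.execute-api.<region>.amazonaws.com
EXECUTE_API = re.compile(r"^[a-z0-9]+\.execute-api\.[a-z0-9-]+\.amazonaws\.com$")

def forwards_host(behavior, policies):
    """True if this cache behavior passes the viewer's Host header to the origin."""
    # Legacy setting: header list on the behavior itself ("*" forwards everything).
    legacy = behavior.get("ForwardedValues", {}).get("Headers", {}).get("Items", [])
    if any(h.lower() in ("host", "*") for h in legacy):
        return True
    # Current setting: an origin request policy referenced by id.
    policy = policies.get(behavior.get("OriginRequestPolicyId"), {})
    cfg = policy.get("HeadersConfig", {"HeaderBehavior": "none"})
    names = {h.lower() for h in cfg.get("Headers", {}).get("Items", [])}
    mode = cfg["HeaderBehavior"]
    if mode == "whitelist":
        return "host" in names
    if mode == "allExcept":
        return "host" not in names
    return mode in ("allViewer", "allViewerAndWhitelistCloudFront")  # "none" -> False

def find_host_forwarding(dist_config, policies):
    """Path patterns that target an execute-api origin and forward Host to it."""
    api_origins = {o["Id"] for o in dist_config["Origins"]["Items"]
                   if EXECUTE_API.match(o["DomainName"])}
    behaviors = [("default", dist_config["DefaultCacheBehavior"])]
    behaviors += [(b["PathPattern"], b)
                  for b in dist_config.get("CacheBehaviors", {}).get("Items", [])]
    return [name for name, b in behaviors
            if b["TargetOriginId"] in api_origins and forwards_host(b, policies)]

# Constructed sample data (policy ids and hostnames are made up for this example).
SAMPLE_POLICIES = {
    "pol-all": {"HeadersConfig": {"HeaderBehavior": "allViewer"}},
    "pol-no-host": {"HeadersConfig": {"HeaderBehavior": "allExcept",
                                      "Headers": {"Items": ["Host"]}}}}
SAMPLE_DIST = {
    "Origins": {"Items": [
        {"Id": "api", "DomainName": "abc123defg.execute-api.eu-west-1.amazonaws.com"},
        {"Id": "static", "DomainName": "assets.example.com"}]},
    "DefaultCacheBehavior": {"TargetOriginId": "static"},
    "CacheBehaviors": {"Items": [
        {"PathPattern": "/api/*", "TargetOriginId": "api", "OriginRequestPolicyId": "pol-all"},
        {"PathPattern": "/v2/*", "TargetOriginId": "api", "OriginRequestPolicyId": "pol-no-host"},
        {"PathPattern": "/old/*", "TargetOriginId": "api",
         "ForwardedValues": {"Headers": {"Items": ["Authorization", "Host"]}}}]}}

if __name__ == "__main__":
    print(find_host_forwarding(SAMPLE_DIST, SAMPLE_POLICIES))
```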

I get CORS error when I try to access metadata stored on IPFS

I am trying to fetch the metadata I stored on NFT.storage using axios, but each time I get this error:
Access to XMLHttpRequest at 'ipfs://bafyreib6hf354pwtnwxdmfllegogffvkv2dzsrgbithvjbzzewu757bxay/metadata.json' from origin 'http://127.0.0.1:3000' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, chrome-untrusted, https.
I have solved this issue many times when I used to do web2 development but don't know how to do this here.
You cannot directly access ipfs:// prefixed content from a normal browser or js. Instead, you'd have to access it through a gateway.
Some popular gateways are ipfs.io, pinata, moralis.
This is an example usage of an ipfs gateway:
https://ipfs.io/ipfs/bafyreib6hf354pwtnwxdmfllegogffvkv2dzsrgbithvjbzzewu757bxay/metadata.json
Try making your axios request to this url

AWS Classic Load Balancer + EC2: web API requests returns 404

I have an AWS EC2 Jira instance running behind an AWS Classic load balancer. The site loads in the browser fine, but all API requests are returning 404 for some reason. It is not a Jira 404, but a generic 404 response with no body and minimal headers. The only useful response header seems to be Server: nginx.
Tried white-listing my client IP, opening up all ports, sending request to the LB and directly to the instance with proper security group settings, etc., but same 404 response is returned. I'm using Postman to test the API. I noticed when I load the EC2 instance directly in the browser, it redirects to the load balancer.
Returns 200 with HTML. Basic auth works, too.
GET http://jira (home page)
Returns 404:
GET http://jira/rest/api/2/issue/ticket-num (or any other /rest/ endpoints)
Where should I start looking to debug this 404 issue? I feel like I'm missing something basic. I'm not seeing any Jira configuration for setting up its rest API. I feel like perhaps it's a server configuration issue, although I've never come across manual web server configuration while installing Jira, so maybe on the AWS's side?
EDIT: still waiting to get ssh access to the instance, so I'll update as I get more info and access.
These HTTP 404 responses with a very limited set of headers could be from the default (the bottom one) rule in ELB. I experienced a similar issue getting HTTP 404 because instead of host header I set path and provided the host domain name in one of the ELB rules. So the rule did not work and the default rule returned 404 because no such path exists on the instance.
I would recommend trying the Redirect to or Return fixed response options for the default rule to check whether the request goes to the default rule.

AWS API Gateway - Test works, deployed API errors. Why?

I'm trying to set up AWS API Gateway as a reverse proxy for my actual deployed API.
My understanding is that I do this by creating a "Proxy" Resource and then specifying my http endpoint URL - as described here
Create and Test an API with HTTP Proxy Integration through a Proxy Resource
This works fine when I try to use the API through the "Test" function within the Resource Editor. I can make calls to any exposed resources using GET methods and see the successful responses.
However, when I deploy the API Gateway API I can no longer access anything using the "Invoke URL" it gives me - I simply get:
{
    "Message": "No HTTP resource was found that matches the request URI 'http://<myuniqueid>.execute-api.eu-west-1.amazonaws.com/api/Sector/100'.",
    "MessageDetail": "No type was found that matches the controller named 'Sector'."
}
If I remove the "Use HTTP Proxy integration" checkbox from the "Integration Request" I can get it working, but why doesn't it work as a proxy?
I suspect that this is caused by a known issue with the HTTP proxy integration. When you use an HTTP proxy integration, API Gateway passes all headers through to the integration endpoint, including the HOST header. Many existing HTTP endpoints require the use of a HOST header which matches their DNS name and in such cases, passing through the HOST header of the API Gateway can confuse the endpoint.
UPDATE: We identified a work-around for this issue.
In your integration request, explicitly add a header named "Host" and give it the value of the integration endpoint DNS name. This will replace the Host header forwarded from the incoming client request with the Host header you specify. This should allow your backend endpoint to function correctly.

CORS issue with RestyGWT client with remote service on JBoss AS 7

I am using RestyGWT to communicate with a remote service on JBoss AS7 but am getting the following error:
OPTIONS http://localhost:8080/remoteService No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://127.0.0.1:8888' is therefore not allowed access.
VM482:81
XMLHttpRequest cannot load http://localhost:8080/remoteService No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://127.0.0.1:8888' is therefore not allowed access.
I have enabled the following headers and access control via @OPTIONS in the back-end server:
"Access-Control-Allow-Origin", "*"
"Access-Control-Allow-Methods", "POST, GET, UPDATE, DELETE, OPTIONS"
"Access-Control-Allow-Headers", "content-type,x-http-method-override"
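My client interface to communicate with the server is:
import java.util.List;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.core.MediaType;
import org.fusesource.restygwt.client.MethodCallback;
import org.fusesource.restygwt.client.RestService;
@Path("/remoteService")
public interface MonitorMeService extends RestService {
    @Path(value="/getBooks")
    @GET
    @Consumes(MediaType.APPLICATION_JSON)
    void getBooks(MethodCallback<List<Books>> callback);
}
Can anyone please tell me what I am missing? What CORS handling am I missing?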
I was using CORS successfully with RestyGWT until I hit a wall trying to get session cookies to work properly. I use Play framework on the server and the browser was not cooperating with the set-cookie header response to CORS moderated interactions.
I found out that I could completely dispense with all the CORS directives (and also no longer require the use of JSONP) by moving to a simple reverse proxy setup on the server.
This made everything simpler and the cookies work properly now.
If you are interested in more details, please respond to this - I'll be happy to post more details. thanks. JR
Apart from the OPTION, you have to set the Access-Control-Allow-Origin header also for other methods: POST, GET, etc
[EDIT]
I've never used restyGwt, so I don't know how to configure restyGwt servlets to set headers, but I use this filter I wrote some time ago when I want to configure CORS in my server container. It works for any server servlet (RPC, RF, JSON, etc). I suggest using this filter instead of dealing with headers in your app.
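The point in the last answer, that Access-Control-Allow-Origin must be set on the actual response and not only on the OPTIONS response, is illustrated by the following added Python example. It is not the filter the answer mentions (that filter is not reproduced on this page) and not code from any poster. It is a simplified model of the browser's decision for a preflighted request without credentials; the function names and the GET response headers are constructed, and the preflight headers are the ones listed in the question.

```python
SAFELISTED_METHODS = {"GET", "HEAD", "POST"}  # never need Allow-Methods approval

def _get(headers, name):
    """Case-insensitive header lookup; '' when the header is absent."""
    return next((v for k, v in headers.items() if k.lower() == name.lower()), "")

def _tokens(value):
    """Split a comma-separated header value into lower-cased tokens."""
    return {t.strip().lower() for t in value.split(",") if t.strip()}

def origin_allowed(headers, origin):
    return _get(headers, "Access-Control-Allow-Origin") in ("*", origin)

def browser_verdict(origin, method, extra_headers, preflight, actual):
    """Simplified CORS decision for a preflighted request without credentials.

    extra_headers: request header names that forced the preflight.
    preflight / actual: response headers of the OPTIONS and of the real request.
    """
    if not origin_allowed(preflight, origin):
        return "blocked: preflight lacks Access-Control-Allow-Origin"
    methods = _tokens(_get(preflight, "Access-Control-Allow-Methods"))
    if method not in SAFELISTED_METHODS and not {method.lower(), "*"} & methods:
        return "blocked: method not allowed by preflight"
    allowed = _tokens(_get(preflight, "Access-Control-Allow-Headers"))
    if "*" not in allowed and any(h.lower() not in allowed for h in extra_headers):
        return "blocked: request header not allowed by preflight"
    # The step an OPTIONS-only setup misses: the real response is checked too.
    if not origin_allowed(actual, origin):
        return "blocked: response lacks Access-Control-Allow-Origin"
    return "allowed"

# Preflight headers as configured in the question; the GET responses are constructed.
ORIGIN = "http://127.0.0.1:8888"
PREFLIGHT = {
    "Access-Control-Allow-Origin": "*",
    "Access-Control-Allow-Methods": "POST, GET, UPDATE, DELETE, OPTIONS",
    "Access-Control-Allow-Headers": "content-type,x-http-method-override",
}
GET_WITHOUT_ACAO = {"Content-Type": "application/json"}
GET_WITH_ACAO = {**GET_WITHOUT_ACAO, "Access-Control-Allow-Origin": "*"}

if __name__ == "__main__":
    for resp in (GET_WITHOUT_ACAO, GET_WITH_ACAO):
        print(browser_verdict(ORIGIN, "GET", ["Content-Type"], PREFLIGHT, resp))
```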