8

I am trying to set the Access-Control-Allow-Methods header for options and it appears currently that claudia-api-builder does not have the ability to set the http options response, like a GET request would. See GET example below.

GET Example

api.get('/hard-coded-headers', function () {
   return 'OK';
}, {success: {headers: {'Access-Control-Allow-Methods': 'GET, HEAD, OPTIONS'}}});

Furthermore ...

If this header value is set via aws-api-gateway -> resources -> OPTIONS > Integration Response and then if you were to perform a claudia update it would be overwritten back to its default state as seen below.

AWS-ApiGateway Custom mapping response setting

The claudia-api-builder docs show that it supports API Gateway custom error responses but nothing for success.

I would like to be able to set options custom header responses like the way a GET request is handled. Is this possible?

Tyler Rafferty
  • 3,391
  • 4
  • 28
  • 37

2 Answers2

2

Have you tried the new ApiResponse() function?

api.get('/programmatic-headers', function () {
  return new api.ApiResponse('OK', {'Access-Control-Allow-Methods': 'GET, HEAD, OPTIONS'}, 200);
});
RickyM
  • 867
  • 6
  • 7
1

Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to let a user agent gain permission to access selected resources from a server on a different origin (domain) than the site currently in use.

you can guarantee permission to a domain (or several), http verb or contentType

res.header('Access-Control-Allow-Origin', 'example.com');
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
res.header('Access-Control-Allow-Headers', 'Content-Type');
makitocode
  • 938
  • 1
  • 16
  • 40