Serverless CORS Plugin - Managing Cross-origin resource sharing (CORS) policies
npm install serverless-cors-pluginA Serverless Plugin for the Serverless Framework which
adds support for CORS (Cross-origin resource sharing).
THIS PLUGIN REQUIRES SERVERLESS V0.5 OR HIGHER!
This plugins does the following:
* It will add CORS response headers to all resource methods with a CORS-policy
configured.
* It will add an OPTIONS preflight endpoint with the proper headers for all
resources with a CORS-policy configured.
In your project root, run:
``bash`
npm install --save serverless-cors-plugin
Add the plugin to s-project.json:
`json`
"plugins": [
"serverless-cors-plugin"
]
To find the best compatible (major) version, use the table below:
Serverless version | Plugin version
---|:---
v0.1 | v0.1
v0.2-v0.3 | v0.2
v0.4 | v0.3
v0.5 | v0.4
Add the following properties to s-function.json to configure a CORS-policy:
`json`
"custom": {
"cors": {
"allowOrigin": "*",
"allowHeaders": ["Content-Type", "X-Amz-Date", "Authorization", "X-Api-Key"]
}
}
The allowOrigin property is required, the other headers are optional. You can also add thiss-project.json
configuration to instead of s-function.json to apply the CORS-policy
project-wide.
Run endpoint deploy and the CORS headers will dynamically be configured and deployed.-a
Use the / --all flag to deploy pre-flight OPTIONS endpoints.
*Caution: you will probably notice some warnings on missing stage and region
template variables. These can be ignored until the issue is fixed.*
These are all options you can use:
Option | Type | Example
---|:---|:---
allowOrigin | String | "*" | Array | ["Content-Type", "X-Api-Key"] | Boolean | true | Array | ["Content-Type", "X-Api-Key"] | Number | 3600`
For more information, read the CORS documentation.
* Dynamically set origin headers (#2)
* Add more verbose (debugging) output
* Better support for authenticated requests
ISC License. See the LICENSE file.