I have an API defined in a SAM template this way:
BackendApi:
Type: AWS::Serverless::Api
Properties:
StageName: prod
DefinitionBody:
Fn::Transform:
Name: AWS::Include
Parameters:
Location: api/swagger.yaml
Cors:
AllowMethods: "'*'"
AllowHeaders: "'*'"
AllowOrigin: "'*'"
One of the endpoints defined on top of this API later in the template points to a Lambda that also returns a custom X-Total-Count
header. The problem is that this custom header isn't being picked up by the frontend JS (in React, but that's irrelevant), which is due to a CORS whitelist of which headers are allowed to be accessed by the client.
The solution appears to be to add the header Access-Control-Expose-Headers: 'X-Total-Count'
, but the following addition to the template does not work:
ExposeHeaders: "'X-Total-Count'"
This fails to deploy because this ExposeHeaders
thing is only supported by AWS::Serverless::HttpApi, not the "normal" REST AWS::Serverless::Api.
If I login to the AWS console and open up the API, I do get the option of specifying a value for Access-Control-Expose-Headers
, but that's manual work and I want to do it via the template.
Is there a way to do it via SAM/CloudFormation instead of falling back on manually sending this header in my Lambda response?
Note: There are no conflicting statements in the Swagger definition that would be the problem here. Without the ExposeHeaders
statement, the whole thing gets deployed just fine and works fine in Postman, but browsers can't pick up the extra headers.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…