Hi everyone. I am having trouble with AWS API Gateway and CORS in Pedestal. I am not sure how to make it work...

I have added the ::http/allowed-origins to the service-map but this is not working for me...

@hadilsabbagh18 Are your aws api's using an authorizer?

No, should they>

?

So, to be clear, this api is an unauthed api? Are you using ions/http-direct?

No, lambda. This is an unathed api.

So it's pedestal running in a JVM Lambda?

When I call it from an S3 website, it is returning 404 errors.

I have listed the domain name as an allowed origin.

@hadilsabbagh18 On the apigateway resource have you clicked the "Enable CORS" dropdown?

Yes, I have. And changed from Mock to Lambda proxy integration.

Does your service map contain the secure-headers key?

No.

@hadilsabbagh18 I use ::http/secure-headers {:content-security-policy-settings "script-src 'self' 'unsafe-inline' 'unsafe-eval'"}}

Thanks @souenzzo

@souenzzo What is my-bucket supposed to be set to? My domain or the domain of the caller?

Ok, thanks!

After returning a status code of 200 from my Lambda function, AWS then does this:

(3308d6aa-08fe-40c8-9e24-ac22487b359b) Method response headers: {Access-Control-Allow-Origin=, Access-Control-Expose-Headers=, Content-Type=text/plain, X-Amzn-Trace-Id=Root=1-5db34f42-39cc3ea420f2cc35a7ae7d3c;Sampled=0}

Is that response from your lambda or from apigateway?

apigateway

It seems to mask the Lambda output.

I have my UI done in react. My backend is done Clojure. I use Pedestal as my server. I deployed my web app. After being deployed, I can access my site. However, If I stay in the page longer than 5 minutes, it comes back with

ErrorPanel.js:36 Request has been terminated
Possible causes: the network is offline, Origin is not allowed by Access-Control-Allow-Origin, the page is being unloaded, etc.

this is in my react ui

My backend appears to be healthy with no warns/errors. THey run a healthy check heartbeat every 10seconds