Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix CORS preflight errors due to unknown content-types #30984

Closed
wants to merge 1 commit into from
Closed

Fix CORS preflight errors due to unknown content-types #30984

wants to merge 1 commit into from

Conversation

takeshixx
Copy link

Set passthroughBehavior behavior to NEVER to prevent errors for CORS preflight requests with content-types other than application/json.

Issue # (if applicable)

This was reported as #18297, but it was closed without a fix.

Reason for this change

Using addCorsPreflight() will add a mock integration for OPTIONS requests and maps them to content-type application/json. However, OPTIONS requests with a content-type header other than application/json lead to HTTP 500 Internal Server Errors.

Description of changes

Setting the passthroughBehavior to NEVER returns a mime type error instead of a internal server error, which is the appropriate response.

It should be noted that this config was proposed in the initial implementation of addCorsPreflight() in #906 already. However, it looks like it didn't make it into the CDK. Instead the default configuration is use, which sets it to WHEN_NO_MATCH.

Description of how you validated changes

I tested the change by manually overriding the passthroughBehavior on the LambdaRestApi resource:

lambdaRestApi.methods
      .filter((m) => m.httpMethod === 'OPTIONS')
      .forEach((om) => {
        om.node.children.forEach((c) => {
          const mm = c as apigw.CfnMethod;
          mm.addOverride('Properties.Integration.PassthroughBehavior', apigw.PassthroughBehavior.NEVER);
        });
      });

Checklist

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@takeshixx
Update resource.ts
a74f756 
Set `passthroughBehavior` behavior to `NEVER` to prevent errors for CORS preflight requests with content-types other than `application/json`.
@github-actions github-actions bot added beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK p2 labels Jul 31, 2024
@aws-cdk-automation aws-cdk-automation requested a review from a team July 31, 2024 07:50
aws-cdk-automation
aws-cdk-automation requested changes Jul 31, 2024
View reviewed changes
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

@aws-cdk-automation
Copy link
Collaborator

Your pull request must be based off of a branch in a personal account (not an organization owned account, and not the main branch). You must also have the setting enabled that allows the CDK team to push changes to your branch (this setting is enabled by default for personal accounts, and cannot be enabled for organization owned accounts). The reason for this is that our automation needs to synchronize your branch with our main after it has been approved, and we cannot do that if we cannot push to your branch.

@github-actions GitHub Actions
Copy link

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 31, 2024
@aws-cdk-automation
Copy link
Collaborator

The pull request linter fails with the following errors:

❌ The title of this pull request does not follow the Conventional Commits format, see https://www.conventionalcommits.org/.
❌ Pull requests from `main` branch of a fork cannot be accepted. Please reopen this contribution from another branch on your fork. For more information, see https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md#step-4-pull-request.

PRs must pass status checks before we can provide a meaningful review.

If you would like to request an exemption from the status checks or clarification on feedback, please leave a comment on this PR containing Exemption Request and/or Clarification Request.

@aws-cdk-automation
Copy link
Collaborator

Your pull request must be based off of a branch in a personal account (not an organization owned account, and not the main branch). You must also have the setting enabled that allows the CDK team to push changes to your branch (this setting is enabled by default for personal accounts, and cannot be enabled for organization owned accounts). The reason for this is that our automation needs to synchronize your branch with our main after it has been approved, and we cannot do that if we cannot push to your branch.

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: a74f756
  • Result: FAILED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@aws-cdk-automation aws-cdk-automation aws-cdk-automation requested changes

Assignees
No one assigned
Labels
beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK p2
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@takeshixx @aws-cdk-automation