Although CORS has been set up through API Gateway and the Access-Control-Allow-Origin
header is set, I still receive the following error when attempting to call the API from AJAX within Chrome:
XMLHttpRequest cannot load http://XXXXX.execute-api.us-west-2.amazonaws.com/beta/YYYYY. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 403.
I attempted to GET the URL through Postman and it shows the above header is successfully passed:
And from the OPTIONS reponse:
How can I call my API from the browser without reverting to JSON-P?
Best Answer
I get the same problem. I have used 10hrs to findout.
https://serverless.com/framework/docs/providers/aws/events/apigateway/