serverless-binary-cors
Advanced tools
A Serverless framework plugin to enable proper cors when APIGateway has binary media types configured
A Serverless framework plugin to enable proper CORS when APIGateway has binary media types configured
npm install serverless-binary-cors
or
yarn add serverless-binary-cors
This is an early implementation of this plugin. So far it's working for all my use cases, but has not been tested in many other configurations. It could need additional work to handle all possible setups. Your contributions are appreciated.
When enabling Binary Media Types in API Gateway, the most flexible setting is to use */* as it does not require a client to send an Accept: header. However, this then starts causing OPTIONS methods to begin failing with 500 errors due API Gateway not knowing how to encode the response.
After multiple calls with AWS Support (as this is totally undocumented), we landed on a solution which is to modify the Integration Response of the MOCK integration that is used to handle these OPTIONS methods. The trick is to use an actual binary Content-Type in the Mapping Templates.
Getting this to configure with Serverless requires modifying the underlying CloudFormation templates.
This plugin makes those nessisary modification.
FAQs
A Serverless framework plugin to enable proper cors when APIGateway has binary media types configured
We found that serverless-binary-cors demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.