Edge functions failing with 502 error

I have a trivial edge-function / serverless function example that works fine in dev but fails when deployed.

The repo is available at to try out

And it is deployed at if you want to look there?!

The scenario is as follows.

I have a netlify edge function ‘auth’ which basically runs to authenticate access to every serverless function on the /.netlify/* path.

I have a trivial ‘node-fetch’ serverless function ‘content’ that fetches some data from https://icanhazdadjoke.com.

I have another edge-function, fetch-content that runs on path /fetch-content.

Locally in dev… every thing works fine… but if you deploy it then the edge-function bails out

The edge function logs…
3:47:42 PM: [fetch-content] fetch-content error! [fetch failed 502]
3:48:41 PM: [fetch-content] fetch-content error! [fetch failed 502]

Not sure why this should be… some recursion going on with the edge-functions?

Hi @andystevenson

I set up a basic test and it works locally, and when deployed.

This is what I have:

Edge function

// netlify/edge-functions/main-edge.js
export default async({headers}) => {

  const auth = headers.get('authorization')

  if (auth !== "testing")
    return new Response("Unauthorized!", { status: 401 })


// netlify/functions/fetch-content.js
exports.handler = async() => {

  return {
    statusCode: 200,
    body: "Fetched!"
// netlify/functions/main.js
exports.handler = async() => {

  return {
    statusCode: 200,
    body: "Main function"

And the netlify.toml

  publish = "site" # Couple of basic files

  path = "/.netlify/*"
  function = "main-edge"

  from = "/fetch-content"
  to = "/.netlify/functions/fetch-content"
  status = 200

In the browser, accessing
https://hgjhi08oihlnk.netlify.app/fetch-content shows Fetched!

However accessing
https://hgjhi08oihlnk.netlify.app/.netlify/functions/fetch-content shows Unauthorized!

As does https://hgjhi08oihlnk.netlify.app/.netlify/functions/main and https://hgjhi08oihlnk.netlify.app/.netlify/functions/non-existent-function.

Using cURL

% curl -i https://hgjhi08oihlnk.netlify.app/fetch-content
HTTP/2 200
# other headers removed for brevity

% curl -i https://hgjhi08oihlnk.netlify.app/.netlify/functions/fetch-content
HTTP/2 401
# other headers removed for brevity

% curl -i https://hgjhi08oihlnk.netlify.app/.netlify/functions/fetch-content -H'Authorization: testing'
HTTP/2 200
# other headers removed for brevity


I don’t know that protecting the /.netlify/* path is necessarily the most appropriate thing as it may impact other things (I don’t know what else runs under that path.)

1 Like

Hi, Coel,

Many thanks for the feedback.
I appreciate the example and sure I can rejig my examples to get a workaround.

However my scenario is slightly different and I was curious why it worked locally and not remotely?

What differs is I am calling fetch() from within an edge function to a serverless function which has another edge function protecting it.

I will have a go at modifying your example to see if it also breaks!

Regards Andy

I added another edge function

// netlify/edge-functions/fetch.js
export default async({url, headers}) => {

  try {
    const res = await fetch(`${new URL(url).origin}/.netlify/functions/fetch-content`, {
      headers: {
        Authorization: 'testing'
    const msg = await res.text()

    if (!msg)
      throw new Error("No message received!")

      return new Response(msg)

  } catch(e) {
    return new Response(e.message || e.toString(), { status: 500 })


# Addition to netlify.toml
  path = "/fetcher"
  function = "fetch"

Visiting https://hgjhi08oihlnk.netlify.app/fetcher in the browser results in the message

Recursive requests to the same deployment cannot be processed.