Hello! Does it take time for the _headers or netlify.toml file to begin using the headers in those files? I see content updates immediately, but the changes in the _headers file is not immediate. This is the header file: api-cat/_headers at deploy · rendall/api-cat · GitHub According to ‘playgro…

Okay! I may have solved this, and I will leave this here for anyone else struggling with this. functions appear to have different headers than rest of the site! So, functions’ headers are affected by neither the _headers file nor the netlify.toml headers section. According to Functions overview | …

Hi, that’s correct! You do indeed return the desired headers in your callback function. :slight_smile:

I imagine this is also possible by configuring a redirect in a netlify.toml file (untested): # netlify.toml [[redirects]] from = "/api/function-name" to = "/.netlify/functions/function-name" status = 200 [redirects.headers] Access-Control-Allow-Origin = "..."

You are a lifesaver! Just for anyone else who wants to see an example. Here is an example of my netlify function that returns data from my mongo database. return { statusCode: 200, headers: { 'Access-Control-Allow-Origin': '*', 'Content-Type': 'application/json' }, body: JSON.strin…

no, sorry. You should have tested…

rendall, thank you kindly. After 9 builds with increasing intensity to find where my headers were not going, this is the answer. Funny thing is that I was long using this in the callback, for critical headers; and yet adding more later, got caught up in the toml and redirects doc. There ought …

_headers / .toml / CORS

Support

SamFromFrance January 14, 2022, 5:47pm 8

Thanks guys! As in 2022, it’s still a lifesaver to add a headers property to the returned object:

return {
      statusCode: 200,
      headers: {
        "Access-Control-Allow-Origin": "*",
        "Content-Type": "application/json",
      },
      body: JSON.stringify(json),
    };

1 Like

Socket.io React App: Access to XMLHttpRequest at 'https://myserverURL/socket.io/xyz' from origin 'https://.mynetlify.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource

Topic		Replies	Views
Access-Control-Allow-Origin Policy Support authentication , cors	74	64020	March 5, 2024
I'm unable to set CORS header on POST/GET request to API on Netlify Functions Support lambda-functions , headers	1	1175	November 3, 2020
Can't allow certain files via "_headers" Support netlify-newbie , headers	1	597	December 3, 2020
Cors issue for serverless function Support lambda-functions , cors	1	348	October 31, 2023
Cannot return CORS header Support lambda-functions , cors	2	836	July 30, 2020

_headers / .toml / CORS

Related topics