Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CORS issue in deployment #449

Open
MCatherine1994 opened this issue Feb 22, 2023 · 3 comments
Open

CORS issue in deployment #449

MCatherine1994 opened this issue Feb 22, 2023 · 3 comments
Labels
🐞 bug Something isn't working

Comments

@MCatherine1994
Copy link
Contributor

MCatherine1994 commented Feb 22, 2023
edited
Loading

After deploy to TEST, we saw a CORS problem that block the api call from frontend to backend in TEST.

image.png

The manual solution is go to the API Gateway for TEST, select the top level "/", and from the "Actions" dropdown, select "Enable CORS", and put test frontend url "https://fam-tst.nrs.gov.bc.ca" to the "Access-Control-Allow-Origin*" field, and click "Enable CORS and replace existing CORS headers". Then from "Actions" select "Deploy API", and select "V1" to redeploy the API.

Screen Shot 2023-02-22 at 10.20.01 AM.png

Screen Shot 2023-02-22 at 10.21.03 AM.png

Screen Shot 2023-02-22 at 10.21.55 AM.png

Screen Shot 2023-02-22 at 10.23.18 AM.png

We tried to add the allow_origin config for the API Gateway to include the frontend url, but it didn't work. We still need to manually add that in API Gateway and do the redeployment of api in API Gateway.
Screen Shot 2023-02-22 at 10.25.50 AM.png
@MCatherine1994 MCatherine1994 added the 🐞 bug Something isn't working label Feb 22, 2023
@gormless87
Copy link
Collaborator

:)

@ianliuwk1019
Copy link
Collaborator

ianliuwk1019 commented Feb 28, 2023
edited
Loading

Just a comment/note on the fact that 'We tried to add the allow_origin config for the API Gateway to include the frontend url, but it didn't work.'=> 'TEST' that time seems to be in a strange state. The value in 'allow_origin' terraform was run but did not see the value reflected on TEST. Also that same day when both Catherine and Ian experimenting on things that deployed terraform to TEST the subsequent deployment should have overridden previous deployment but it did not happen.

On 27th, we decided to destroy TEST backend and redeploy and it looks like the CORS issue is gone for now.
Also there is a PR#447 (was added during that time trying to fix CORS) which restricts allowed origin is a good enhancement for security (for PROD). Should later be merged but needs discussion => Is it only for AWS frontend 'domain', or also 'localhost', how about the 'cognito debugger' (in lower environments)? Note! Terraform (or Cognito) does not seem to allow multiple string values when setting this ('allow_origin') up (as Catherine tried that before but did not work).

@basilv
Copy link
Collaborator

basilv commented Apr 13, 2023

It is possible that Terraform applied the changes to API gateway, but they weren't 'made live' which is a manual operation in AWS. Similar to RDS where changing certain parameters won't go into effect until database maintenance / restart.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🐞 bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@basilv @gormless87 @MCatherine1994 @ianliuwk1019