From 5033678d1d9efcf572af3499580c79a1d8b0d34a Mon Sep 17 00:00:00 2001
From: Cuong Vu <cuongvh@reapit.com>
Date: Thu, 14 May 2020 11:58:35 +0700
Subject: [PATCH] fix: fix web component cors headers (#1251)

---
 packages/web-components/serverless.yml | 23 ++++++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

diff --git a/packages/web-components/serverless.yml b/packages/web-components/serverless.yml
index dd32d22685..48577192f2 100644
--- a/packages/web-components/serverless.yml
+++ b/packages/web-components/serverless.yml
@@ -15,6 +15,14 @@ custom:
       noFrozenLockFile: false
     excludeFiles: src/**/*.test.ts
     keepOutputDirectory: true
+    allowedHeaders:
+      - Content-Type
+      - X-Amz-Date
+      - Authorization
+      - X-Api-Key
+      - X-Amz-Security-Token
+      - X-Amz-User-Agent
+      - reapit-customer
 
 provider:
   name: aws
@@ -57,7 +65,10 @@ functions:
       - http:
           path: properties
           method: get
-          cors: true
+          cors:
+            origin: '*'
+            headers: ${self:custom.allowedHeaders}
+            allowCredentials: false
           private: true
           request:
             parameters:
@@ -68,7 +79,10 @@ functions:
       - http:
           path: properties/{id}
           method: get
-          cors: true
+          cors:
+            origin: '*'
+            headers: ${self:custom.allowedHeaders}
+            allowCredentials: false
           private: true
           request:
             parameters:
@@ -79,7 +93,10 @@ functions:
       - http:
           path: propertyImages
           method: get
-          cors: true
+          cors:
+            origin: '*'
+            headers: ${self:custom.allowedHeaders}
+            allowCredentials: false
           private: true
           request:
             parameters: