Add cross-origin resource sharing (CORS) header to the request

The following example function adds an Origin HTTP header to the request if the request doesn’t already contain this header. This header is part of cross-origin resource sharing (CORS). This example sets the header’s value to the value in the request’s Host header. For more information, see Origin on the MDN Web Docs website.

This is a viewer request function.

See this example on GitHub.


function handler(event) {
    var request = event.request;
    var headers = request.headers;
    var host = request.headers.host.value;

   // If origin header is missing, set it equal to the host header.
   if (!headers.origin)
       headers.origin = {value:`https://${host}`};

   return request;
}

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Add a cross-origin resource sharing (CORS) header to the response

Add security headers to the response