New in the forums here and relatively new to Serverless framework here so bear with me. I have a simple end-point that I deployed using the httpApi. I want to set up CORS for it and according to the reference here, it should be possible:

However, I get this in for my config:
Serverless: Configuration warning at 'functions.requestRegistration.events[1].httpApi': unrecognized property 'cors'

This is more than mildly inconvenient - my serverless.yml looks like this for the relevant part:

    handler: UserApi/requestRegistration.handler
    #reservedConcurrency: ${self:custom.lambdaConcurrency}
      - http:
          path: register
          method: post
          cors: true
      - httpApi:
          cors: true
          method: POST
          path: /register

And these are the versions I’m rocking:

Framework Core: 1.80.0
Plugin: 3.8.1
SDK: 2.3.1
Components: 2.34.9

In addition, setting the “payload: ‘2.0’” for them also gives me an unrecognized property error. What am I missing here?

Having the same warning here, even after updating to the latest serverless. Have you found out what was happening on your side?

It seems the cors configuration got moved up into the provider config:


Oh I see, thanks! That clarifies it. I was able to hack around the thing by defining OPTIONS end-points myself that return 200 OK, but this seems preferable.

Cors should work by default imho. No need to set anything in the serverless.yml.

That would be quite dangerous, cors exists so that not any remote origin can access your resources, it’s for your resources protection, so it’s ideal to not work by default, but having fine-grained controls to allow it step by step.