PATCH verb failing CORS preflight

For whatever reason, no matter what I do, I can’t get a preflight request to allow the PATCH verb. This configuration snippet is what I’ve configured for my API endpoint, but the actual preflight is just allowing OPTIONS, GET, POST. What am I doing wrong?

FYI, my application works just fine for other requests (which are all GET or POST).

patchfiles:
handler: services/files.patchFiles
memorySize: 128
timeout: 10
events:
- http:
path: files/{id}
method: patch
authorizer:
arn: arn:aws:**************
cors:
origin: ‘*’
headers:
- Content-Type
- X-Amz-Date
- Authorization
- X-Api-Key
- X-Amz-Security-Token
- X-Amz-User-Agent
allowCredentials: false
cacheControl: ‘max-age=600, s-maxage=600, proxy-revalidate’
methods: ‘DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT’

The endpoint works in Postman as well (I know this is a CORS problem, just saying…)

image779×475 12.3 KB

Hey out of interest did you end up resolving this…all those years ago? XD having the same issue.

Works in Postman.

Probably the CORS allow methods is wrong. It’s impossible to tell from the OP’s post which has all the indents removed.

Nah i found it in the end…

After 4 frustrating hours, I legit prayed XD then the thought popped into my mind to check another browser and everything worked ?!..then i thought extensions…

Don’t know if there’s a hot key for it but … this was turned on

Switched it off and everything worked.