How to allow CORS on Netlify Functions

January 24, 2021

CORS is a browser feature that blocks HTTP requests from one domain to another, unless the destination has the proper headers set up.

If you run into CORS errors with Netlify functions, you can fix them by returning a header called access-control-allow-origin with value *. This allows any (signified by *) origin (domain name) to make an HTTP request to the function.

You can return the header using the Netlify Functions callback function:

callback(null, {
  statusCode: 200,
  body: "Hello, world!"
  headers: {
    "access-control-allow-origin": "*"
  }
})

A quick favor: was anything I wrote incorrect or misspelled, or do you still have questions? Please use this form to let me know or ask for help!