in chalice/local.py [0:0]
def _autogen_options_headers(self, lambda_event: EventType) -> HeaderType:
route_key = lambda_event['requestContext']['resourcePath']
route_dict = self._app_object.routes[route_key]
route_methods = [method for method in route_dict.keys()
if route_dict[method].cors is not None]
# If there are no views with CORS enabled
# then OPTIONS is the only allowed method.
if not route_methods:
return {'Access-Control-Allow-Methods': 'OPTIONS'}
# Chalice ensures that routes with multiple views have the same
# CORS configuration, so if any view has a CORS Config we can use
# that config since they will all be the same.
cors_config = route_dict[route_methods[0]].cors
cors_headers = cors_config.get_access_control_headers()
# We need to add OPTIONS since it is not a part of the CORSConfig
# object. APIGateway handles this entirely based on the API definition.
# So our local version needs to add this manually to our set of allowed
# headers.
route_methods.append('OPTIONS')
# The Access-Control-Allow-Methods header is not added by the
# CORSConfig object it is added to the API Gateway route during
# deployment, so we need to manually add those headers here.
cors_headers.update({
'Access-Control-Allow-Methods': '%s' % ','.join(route_methods)
})
return cors_headers