Bird
0
0

A developer wrote this CORS configuration but the browser still blocks DELETE requests:

medium📝 Debug Q7 of 15
AWS - API Gateway
A developer wrote this CORS configuration but the browser still blocks DELETE requests:
{"CORSRules": [{"AllowedOrigins": ["https://app.example.com"], "AllowedMethods": ["GET", "POST", "PUT"]}]}

What is the error?
AMaxAgeSeconds is set too low
BAllowedOrigins should be '*' instead of specific domain
CAllowedHeaders is missing
DDELETE method is missing in AllowedMethods
Step-by-Step Solution
Solution:

  1. Step 1: Check AllowedMethods list

    DELETE method is not included in AllowedMethods.

  2. Step 2: Understand effect on DELETE requests

    Without DELETE allowed, browser blocks such requests due to CORS policy.

  3. Final Answer:

    DELETE method is missing in AllowedMethods -> Option D

  4. Quick Check:

    AllowedMethods must include request method [OK]
Quick Trick: Add all HTTP methods your app uses to AllowedMethods [OK]
Common Mistakes:
  • Thinking origin wildcard fixes method issues
  • Ignoring missing methods in AllowedMethods
  • Assuming AllowedHeaders affects method allowance

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
API Gateway - Resources and methods - Quiz 1easy API Gateway - Lambda integration - Quiz 7medium AWS Lambda - Event triggers for Lambda - Quiz 6medium CloudWatch - CloudWatch metrics - Quiz 9hard CloudWatch - CloudWatch metrics - Quiz 2easy Elastic Load Balancing - SSL/TLS termination - Quiz 6medium RDS and Relational Databases - RDS pricing considerations - Quiz 13medium RDS and Relational Databases - Parameter groups and option groups - Quiz 11easy RDS and Relational Databases - RDS security (encryption, security groups) - Quiz 7medium SNS and SQS - Dead letter queues - Quiz 13medium