Revolgy blog

How to enable CORS on Google Cloud Functions?

Written by Revolgy | March 31, 2023

Simply put, Cross-Origin Resource Sharing (CORS) is a way for the server to say, “I will accept your request, even though you came from a different origin.”

It’s a mechanism that enables web pages to request restricted resources from a domain outside the domain where the resource originated. This allows for sharing resources between different domains and provides greater flexibility for web developers in designing and building web applications.

Let’s find out below how to enable CORS on Google Cloud Functions.

How to Enable CORS on Google Cloud Functions?

Enabling CORS on Google Cloud Functions is a simple process. First, you need to add some code to your function; this is an example of a code for Python:

import functions_framework

@functions_framework.http
def cors_enabled_function(request):
    # For more information about CORS and CORS preflight requests, see:
    # https://developer.mozilla.org/en-US/docs/Glossary/Preflight_request

    # Set CORS headers for the preflight request
    if request.method == 'OPTIONS':
        # Allows GET requests from any origin with the Content-Type
        # header and caches preflight response for an 3600s
        headers = {
            'Access-Control-Allow-Origin': '*',
            'Access-Control-Allow-Methods': 'GET',
            'Access-Control-Allow-Headers': 'Content-Type',
            'Access-Control-Max-Age': '3600'
        }

        return ('', 204, headers)

    # Set CORS headers for the main request
    headers = {
        'Access-Control-Allow-Origin': '*'
    }

    return ('Hello World!', 200, headers)

This code will enable CORS for all requests, allowing requests from any origin. You can also specify an origin if you wish. For example, if you want to allow requests from example.com, you can use the following code:

def cors_enabled(request):
    # Set CORS headers for the preflight request
    if request.method == 'OPTIONS':
        # Allows GET requests from example.com with the Content-Type
        # header and caches preflight response for an 3600s
        headers = {
            'Access-Control-Allow-Origin': 'example.com',
            'Access-Control-Allow-Methods': 'GET',
            'Access-Control-Allow-Headers': 'Content-Type',
            'Access-Control-Max-Age': '3600'
        }

        return ('', 204, headers)

    # Set CORS headers for the main request
    headers = {
        'Access-Control-Allow-Origin': 'example.com'
    }

    return (request.get_json(), 200, headers)

Once you have added the code to your function, you can deploy it to Google Cloud Functions. You can then test your function to ensure that CORS is enabled correctly.

Conclusion

This blog post discussed allowing Cross-Origin Resource Sharing (CORS) on Google Cloud Functions. We also went over adding the required code to your function.

Would you like to find out more about different solutions and hacks for the cloud? Contact us for a free consultation.