Set "Access-Control-Allow-Origin" header in webhook

I’m trying to set a custom value for the “Access-Control-Allow-Origin” header returned by a webhook. Here’s my webhook code:

type WebhookResult = {
  statusCode: number,
  headers: object,
  body: string,

export default async (event: any, ctx: any) : Promise<WebhookResult> => {

  return {
    statusCode: 200,
    headers: {
      "Access-Control-Allow-Origin": "",
    body: JSON.stringify({
      "response": {
        "message": "Success"

However, when I receive the actual response after querying the webhook endpoint, the “Access-Control-Allow-Origin” is set to “*”. I need to set a specific value, rather a wildcard, so this won’t do.

Why is my custom value for the “Access-Control-Allow-Origin” getting overwritten? How can I prevent this from happening?

@evgeny.semushin do we currently have a way to accomplish this???

The other custom headers that I’m setting are being passed perfectly fine…I hope it will work for “Access-Control-Allow-Origin” too! It’s not a spec requirement that I can change, so if I can’t set the value for “Access-Control-Allow-Origin” then I might not be able to use 8base :frowning:

@Serena can you please try again. Should be fixed now

Thank you @evgeny.semushin! It’s working now!