Blog

Edge runtimes compared: setting CORS on Workers, Lambda@Edge, and Supabase functions

Cold starts and CPU limits differ; CORS middleware must stay tiny to fit sub-millisecond budgets at scale.

Published: 2026-03-20Updated: 2026-03-221 min read

edgeserverlesscors

Consistency

Regional edge may cache negative CORS responses—purge after policy changes.

Test from multiple geographic POPs because DNS and TLS paths vary.

Wrangler and similar CLIs can simulate requests but not every browser quirk—keep staging parity tests.

Log sampling rates differ—ensure OPTIONS failures are never sampled away entirely.