Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

CloudFront cache policy incorrect Set-Cookie behaviour

1

We've experienced a new issue with CloudFront. We have a cache policy set to cache for 30 seconds (min, max and default are 30 seconds) with no headers, cookies or query parameters configured. We had it like that for a few months, but we've just started having issues because it was returning a Set-Cookie header in the cached response. According to the docs, Set-Cookie headers are supposed to be removed when no cookies are configured.

This is really problematic since it means someone can receive a private cookie meant for someone else. We were only able to reproduce the issue in some regions (Europe) and we think it started somewhere around Saturday (2023-11-05).

Tópicos
Rede e entrega de conteúdo
Tags
Amazon CloudFront
Idioma
English
Frederic Gascon
feita há 6 meses284 visualizações
1 Resposta
0

Hi, like you wrote, CloudFront should include the Set-Cookie header if no cookies are forwarded to the origin.

To address your distribution/account-specific question, please open a technical support ticket. Please provide us with more details about the response, ideally the X-Amz-Cf-Id header value. You can also add the Distribution ID and path that is returning incorrect response headers.

AWS
Piotrek
respondido há 6 meses
  • Frederic Gascon
    há 6 meses

    Is paying for technical support really the only way to report a potential new bug on AWS side?

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante