- Newest
- Most votes
- Most comments
In order to make sure you get these headers in every response, you need to correctly set up CORS on your S3 bucket and make sure CloudFront is configured to forward the necessary headers.
For Amazon S3:
- Go to your S3 bucket in the AWS Management Console.
- Click on the "Permissions" tab.
- Click on "Cross-origin resource sharing (CORS)".
- Here, you can set your CORS policy. For example, a very simple and open policy might look like this:
[ { "AllowedHeaders": ["*"], "AllowedMethods": ["GET", "HEAD"], "AllowedOrigins": ["*"], "ExposeHeaders": [] } ]
For Amazon CloudFront:
If you're using Amazon CloudFront, you have to make sure CloudFront is configured to forward the necessary headers to your origin, which is your S3 bucket in this case.
- Go to your CloudFront distribution in the AWS Management Console.
- Click on the "Origins and Origin Groups" tab.
- Choose the origin for your S3 bucket.
- Scroll to "Cache and origin request settings", and select "Use a cache policy and origin request policy".
- For "Origin request policy", you can either create a new policy that forwards all headers, or use the managed "All viewer" policy.
- Click on "Save changes".
Please ensure you clear your browser cache or use incognito mode to avoid loading the resource from your local cache, otherwise the changes might not reflect immediately.
If the issue still persists after these steps, you may need to debug further by examining the network requests from your application and see whether the 'Origin' request header is being sent correctly. Also, double-check your S3 bucket and CloudFront configurations to ensure they are correct.
Remember to keep your CORS policy as strict as necessary to protect your content. The examples given are open policies and may not be suitable for production use. It's recommended to limit the 'AllowedOrigins' and 'AllowedHeaders' to only what's necessary.
For more information I would suggest the following documentation articles:
If the answer is helpful, please click "Accept Answer" and upvote it.
Relevant content
- Accepted Answerasked 3 years ago
- asked 4 years ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 months ago