CloudFront Not Using SimpleCORS Policy
0
Please note that this issue has reared it's ugly head only within that last 3 or fours days with no modifications to the CloudFront distribution behaviours on our end.
I currently have our distribution (with an S3 Origin) using the SimpleCORS Response headers policy:
It seems something has changed recently regarding the SimpleCORS Policy where the Access-Control-Allow-Origin header is no longer forwarding the wildcard (*) , or caching the Access-Control-Allow-Origin header, resulting with CORS errors all over our affiliate sites.
Has anyone else been experiencing this issue?
No Answers
- Newest
- Most votes
- Most comments
Relevant content
- asked 10 months ago
- asked 6 months ago
AWS OFFICIALUpdated a year ago- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 8 months ago
We encountered the exact same issue on Monday 22APR2024; it shook our faith in AWS since this unknown change caused some pain for us. Our Cloudfront distribution behavior utilized "Simple CORS" since mid 2023 without issues. This behavior is associated with static content in a S3 origin.
After a lot of digging, I was able to resolve the issue by creating a custom "Response headers policy" and activated CORS with it ("Configure CORS" selection). I followed this re:Post to help facilitate a resolution: https://repost.aws/questions/QUZCqyczimR5SOfbjSQ70I0g/cloudfront-not-using-simplecors-policy
AWS can you please provide some insight since something appears to have changed during the weekend of 20APR2024 or 21APR2024.