- Newest
- Most votes
- Most comments
Just got of the lie with AWS support
if you specify the function code you also need to specify the function config
[pre]
AWSTemplateFormatVersion: "2010-09-09"
Description: CloudFront Test Function
Resources:
ResponseFunction:
Type: 'AWS::CloudFront::Function'
Properties:
Name: !Sub '${AWS::StackName}-response'
AutoPublish: true
FunctionConfig:
Comment: !Sub '${AWS::StackName} Security Headers'
Runtime: cloudfront-js-1.0
FunctionCode: |
function handler(event) {
var response = event.response;
var headers = response.headers;
headers['strict-transport-security'] = {value: 'max-age=63072000; includeSubDomains; preload'};
headers['content-security-policy'] = {value: "default-src 'none';"};
headers['x-content-type-options'] = {value: 'nosniff'};
headers['x-frame-options'] = {value: 'DENY'};
headers['x-xss-protection'] = {value: '1; mode=block'};
headers['referrer-policy'] = {value: 'same-origin'};
return response;
}
[/pre]
The error message is less than helpful!
Edited by: ryan-bennett on Jun 23, 2021 6:26 PM
Relevant content
- asked 3 months ago
- Why can't I view the EventBridge trigger in my Lambda function that my CloudFormation stack created?AWS OFFICIALUpdated 25 days ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated 3 years ago