By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Cannot include localhost in cloudfront CORS policy

0

Hi all,

I want to include a CORS policy in Cloudfront, but the UI will not allow me to add https://localhost. I get the following error: "The parameter Access-Control-Allow-Origin contains https://localhost which is not a valid URL."

I can set this in other CORS policies (such as S3) so think this should be allowed.

Does anyone know if this is considered a bug? Is there a workaround?

Many thanks

Topics
Networking & Content Delivery
Tags
Amazon CloudFront
Language
English
Azbola
asked 2 years ago4542 views
1 Answer
0

Hi there,

Thank you for reporting this behavior when attempting to add "https://localhost" to the "Access-Control-Allow-Origin" section of a Response Header Policy. I have communicated this behavior to the CloudFront service team and they are investigating it further.

There are a few possible workarounds. If you can customize the response from your origin, you can configure CloudFront to forward the "Origin" header in the origin request and have your origin return this header in its response with the desired "https://localhost" value. As noted, S3 can be configured to return this value in its CORS configuration if you're using S3 as your origin.

Another approach is utilizing CloudFront Functions to add the "Access-Control-Allow-Origin: https://localhost" header to the response. An example function that can be adapted to accomplish this can be found here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/example-function-add-cors-header-response.html

SUPPORT ENGINEER
Michael_L
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content