By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Does cloudfront remove response headers?

0

I have a file in s3 bucket and I serve that s3 bucket behind cloudfront. i have put the cors rules into s3 to

[
    {
        "AllowedHeaders": [],
        "AllowedMethods": [
            "GET"
        ],
        "AllowedOrigins": [
            "*"
        ],
        "ExposeHeaders": [],
        "MaxAgeSeconds": 0
    }
]

After creating invalidation, everything works. It returns the Accept-Control-Allow-Origin, Accept-Control-Allow-Methods, Accept-Control-Allow-Age. however the strange part is after a couple of days, it stopped returning those headers, and. I have to create an invalidation then those headers will come back. I am not sure what triggers this, maybe days, or something im not sure.

so, does cloudfront remove response headers for some reason?

Topics
Networking & Content Delivery
Tags
Amazon CloudFront
Language
English
rePost-User-7290314
asked 10 months ago588 views
1 Answer
0
Accepted Answer

It sounds like CloudFront's caching feature might be messing with your headers a bit. When CloudFront caches an object from your S3 bucket, it doesn't always grab the headers that your bucket provides. So, those CORS headers might be getting left out.When you go through the process of invalidation, you're basically giving CloudFront a nudge and saying "Hey, ditch your cached version and grab a fresh copy from the S3 bucket." And when it does, it pulls in all the up-to-date headers and serves them up.

You may want to try adjusting your CloudFront caching settings to either reduce the TTL value or use origin cache headers, so that the CORS headers from S3 are respected and included with responses more consistently.

Also using "*" as the AllowedOrigin can introduce security risks. You may want to consider narrowing this down to specific origins that need access.

update: CachingOptimized policy might have an impact on your headers and caching behavior. Test moving away from the "CachingOptimized" policy and use the "Use Origin Cache Headers" option.

If this helped please remember to mark the answer as accepted!

profile pictureAWS
monroery
answered 10 months ago
  • rePost-User-7290314
    10 months ago

    Thank you for the answer, but I think I forgot to mention that I am also using the CachingOptimized policy (658327ea-f89d-4fab-a63d-7e88639e58f6), do you think it has something to do with it?

  • monroery
    10 months ago

    CachingOptimized policy might have an impact on your headers and caching behavior. Test moving away from the "CachingOptimized" policy and use the "Use Origin Cache Headers" option.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content