By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Access-Control-Allow-Origin Header with Cloudfront

0

Hi Fam,

In project i am working right now, developer run a vulnerability in frontend application. then there is some vulnerability regarding Access-Control-Allow-Origin: this header now contain value as *, the vulnerability checked SW says its a vulnerability issue. the solution it gives, to add the domain to this header.

anyone has faced this earlier please help me to solve this.

I have tried with cloudfront but it didnt work.

Thank You.

Topics
ServerlessFront-End Web & MobileNetworking & Content Delivery
Tags
Amazon API GatewayAmazon CloudFront
Language
English
layansp
asked 4 months ago151 views
2 Answers
1

Hello.

Are there any other response header policies set in CloudFront?
Will setting "Access-Control-Allow-Origin" in the response header policy solve the problem?
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/creating-response-headers-policies.html

profile picture
EXPERT
Riku_Kobayashi
answered 4 months ago
  • layansp
    4 months ago

    Thank you mate, I'll try in this way

1

Hi,

This guidance proposes solutions to your problem: https://repost.aws/knowledge-center/no-access-control-allow-origin-error

Best,

Didier

profile pictureAWS
EXPERT
Didier_Durand
answered 4 months ago
  • layansp
    4 months ago

    Thank you mate I'll try this. its appreciated

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content