CloudFront cache policy incorrect Set-Cookie behaviour

1

We've experienced a new issue with CloudFront. We have a cache policy set to cache for 30 seconds (min, max and default are 30 seconds) with no headers, cookies or query parameters configured. We had it like that for a few months, but we've just started having issues because it was returning a Set-Cookie header in the cached response. According to the docs, Set-Cookie headers are supposed to be removed when no cookies are configured.

This is really problematic since it means someone can receive a private cookie meant for someone else. We were only able to reproduce the issue in some regions (Europe) and we think it started somewhere around Saturday (2023-11-05).

Asked 6 months ago, 284 views
1 Answer
0

Hi, like you wrote, CloudFront should include the Set-Cookie header if no cookies are forwarded to the origin.

To address your distribution/account-specific question, please open a technical support ticket. Please provide us with more details about the response, ideally the X-Amz-Cf-Id header value. You can also add the Distribution ID and path that is returning incorrect response headers.

AWS
Piotrek
Answered 6 months ago
  • Is paying for technical support really the only way to report a potential new bug on AWS side?
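
A way to collect the evidence the answer asks for, as an added example that is not part of the original thread: it scans saved response headers for responses CloudFront served from cache (`X-Cache` starting with `Hit` or `RefreshHit`) that still carry `Set-Cookie`, and reports the `X-Amz-Cf-Id`, edge location and cookie names. The sample capture and every value in it are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample: three saved header blocks (e.g. from `curl -sI`); all values are made up.
SAMPLE_CAPTURES = """
HTTP/2 200
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA00-EXAMPLE
x-amz-cf-id: EXAMPLE-ID-MISS
set-cookie: session=constructed-a; Path=/; HttpOnly

HTTP/2 200
age: 12
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA00-EXAMPLE
x-amz-cf-id: EXAMPLE-ID-HIT
set-cookie: session=constructed-a; Path=/; HttpOnly

HTTP/2 200
age: 3
x-cache: Hit from cloudfront
x-amz-cf-id: EXAMPLE-ID-CLEAN
"""

def parse_headers(block):
    """Return {lowercased header name: [values]} for one response header block."""
    headers = {}
    for line in block.splitlines()[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def find_cached_set_cookie(captures):
    """List responses served from the CloudFront cache that still include Set-Cookie."""
    findings = []
    for block in re.split(r"\n\s*\n", captures.strip()):
        h = parse_headers(block)
        x_cache = h.get("x-cache", [""])[0].lower()
        if x_cache.startswith(("hit", "refreshhit")) and "set-cookie" in h:
            findings.append({
                "x-amz-cf-id": h.get("x-amz-cf-id", ["?"])[0],
                "pop": h.get("x-amz-cf-pop", ["?"])[0],
                "age": h.get("age", ["?"])[0],
                # Report cookie names only, never the values.
                "cookies": [c.split("=", 1)[0] for c in h["set-cookie"]],
            })
    return findings

if __name__ == "__main__":
    print(find_cached_set_cookie(SAMPLE_CAPTURES))
```

A miss that carries `Set-Cookie` is not flagged, because that response came from the origin for the requesting viewer; only responses replayed from cache are reported.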
