- 最新
- 最多得票
- 最多評論
Hi there,
Setting Cache-Control:private does not preventing caching of an error response, the private response directive indicates that the response can be stored only in a private cache and not in shared caches such as CloudFront/CDN.
This is how CloudFront behaves with cache-control:private, If CloudFront gets an object from the origin that includes the Cache-Control: no-cache, no-store, and/or private directives, and then later CloudFront gets another viewer request for the same object, CloudFront tries to contact the origin to fulfill the viewer request.
You also asked if private information in your other response headers might be seen by others, yes it can. If your response contain cache-control private then CloudFront will not cache as per the doc but the files will be publicly accessible as the directive private is specific to caching. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html
A workaround to ensure that the error response is not cached is to configure a dummy error page on CloudFront and then set a TTL of 0seconds. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/GeneratingCustomErrorResponses.html
相關內容
- 已提問 1 年前
- AWS 官方已更新 2 年前
- AWS 官方已更新 2 年前
- AWS 官方已更新 2 年前