使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post

CloudFront cache policy incorrect Set-Cookie behaviour

1

We've experienced a new issue with CloudFront. We have a cache policy set to cache for 30 seconds (min, max and default are 30 seconds) with no headers, cookies or query parameters configured. We had it like that for a few months, but we've just started having issues because it was returning a Set-Cookie header in the cached response. According to the docs, Set-Cookie headers are supposed to be removed when no cookies are configured.

This is really problematic since it means someone can receive a private cookie meant for someone else. We were only able to reproduce the issue in some regions (Europe) and we think it started somewhere around Saturday (2023-11-05).

主題
網路與內容交付
標籤
Amazon CloudFront
語言
English
Frederic Gascon
已提問 6 個月前檢視次數 284 次
1 個回答
0

Hi, like you wrote, CloudFront should include the Set-Cookie header if no cookies are forwarded to the origin.

To address your distribution/account-specific question, please open a technical support ticket. Please provide us with more details about the response, ideally the X-Amz-Cf-Id header value. You can also add the Distribution ID and path that is returning incorrect response headers.

AWS
Piotrek
已回答 6 個月前
  • Frederic Gascon
    6 個月前

    Is paying for technical support really the only way to report a potential new bug on AWS side?

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南

相關內容