Reputation: 2194
CORS headers missing when request header has 'Accept-Encoding' for website of CloudFront + S3
we have a s3 bucket that is configured for CORS access. It has a CloudFront instance sitting in front of it. Here is the odd behavior I observed:
URL & Request Header | CORS headers in response
CF + "Accept-Encoding" | No
S3 + Accept-Encoding | Yes
CF - 'Accept-Encoding' | Yes
Is it expected? How can I force CF to always return CORS headers in response? thank you for any hints/clues
Upvotes: 4
Views: 1252
Answers (1)
Reputation: 1549
I found that this issue appears when you set access-control-allow-origin: * in CloudFront > 'your distribution' > Origins > 'your origin' > Edit > Origin Custom Headers. To fix this issue I removed that Origin Custom Header, see the screenshot:
Also, you need to create an invalidation so changes take effect, CloudFront > 'your distribution' > Invalidations > Create Invalidation.
To invalidate all resources you can just pass /* in the field or any other valid regexp for your use case
Upvotes: 1
Related Questions
- CloudFront is not correctly passing back the Access-Control-Allow-Origin header from S3
- CloudFront CORS headers getting cached, resulting in cross origin problems
- Content-Encoding header not returned from Cloudfront
- Access Denied from Cloudfront with Secure Cookies returns no CORS headers preventing reading error information from a XHR request
- Response from Cloudfront from S3 Origin keeps changing CORS Headers
- CORS AWS S3 and cloudfront
- How to forward headers from aws cloudfront when origin is s3
- AWS Cloudfront Missing Accept-Encoding Header
- Why is CloudFront varying CORS headers response based on Accept-Encoding?
- Does cloudfront not support CORS with custom origin?