问题
I'm with a very strange behavior with CORS using Cloudfront + S3
When I run
curl -I -s -X GET -H "Origin: https://myapp.com" https://s3.amazonaws.com/myapp/assets/fontawesome-webfont.woff | grep Access
and
curl -I -s -X GET -H "Origin: https://**www.**myapp.com" https://s3.amazonaws.com/myapp/assets/fontawesome-webfont.woff | grep Access
Both return the values as expected:
Access-Control-Allow-Origin: https://musicjungle.com.br
Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000 Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers,
Access-Control-Request-Method
But when I try to run the same curl using the Cloudfront URL, just the www subdomain works
curl -I -s -X GET -H "Origin: https://www.myapp.com" https://d1bfllp5zjnl7u.cloudfront.net/assets/fontawesome-webfont.woff | grep Access
Access-Control-Allow-Origin: https://www.musicjungle.com.br
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, HEAD
Access-Control-Max-Age: 3000 Access-Control-Allow-Credentials: true
The below command doesn't return the headers as expected
curl -I -s -X GET -H "Origin: https://myapp.com" https://d1bfllp5zjnl7u.cloudfront.net/assets/fontawesome-webfont.woff | grep Access
Any ideia why this could be happening? I already allowed Origin for both servers on S3 CORS configuration (as we can see above), but it seems to be something on Cloudfront configuration, that only allows "www.myapp.com".
回答1:
If I understand you right, I'd say it's a matter of CloudFront's Request Headers cache settings...
By default, CloudFront doesn't consider headers when caching your objects in edge locations. If your origin returns two objects and they differ only by the values in the request headers, CloudFront caches only one version of the object.
– Source.
So, go to your Distribution and edit your Behavior to allow CloudFront to cache objects based on the values of the Origin headers:
After new settings are established, create an Invalidation for the affected files.
来源:https://stackoverflow.com/questions/45528115/cloudfront-cors-only-works-for-subdomain