Amazon-Web-Services

CloudFront 在設置 Accept-Encoding 時丟棄 Access-Control-Expose-Headers 標頭

  • August 3, 2019

我正在嘗試讓 CloudFront 提供壓縮後的文本文件以及Content-Length: <bytes>標題Access-Control-Expose-Headers: Content-Length,以便在使用fetch().

我的設置是:

  1. 在上傳到 S3 之前使用 gzip 預壓縮文件並設置Content-Encoding: gzip. (使用 CloudFront 的自動壓縮意味著它是即時壓縮的,並且Content-Length不會設置標頭。)
  2. S3設置的CORS設置Allow-Control-Expose-Headers: Content-Length如下:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
   <AllowedOrigin>*</AllowedOrigin>
   <AllowedMethod>GET</AllowedMethod>
   <AllowedMethod>HEAD</AllowedMethod>
   <AllowedHeader>*</AllowedHeader>
   <ExposeHeader>Content-Length</ExposeHeader>
</CORSRule>
</CORSConfiguration>
  1. 具有相應 S3 源的 CloudFront 設置和:
  • GET、HEAD、OPTIONS 允許
  • Origin 標頭已列入白名單
  • “自動壓縮對象”已禁用

使用此配置,我得到:

  • 從 S3 請求:

curl <s3 URL> -H "Accept-Encoding: gzip" -H "Origin: example.com" -I

HTTP/1.1 200 OK
x-amz-id-2: ...
x-amz-request-id: ...
Date: Sat, 03 Aug 2019 06:28:41 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: Content-Length
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Sat, 03 Aug 2019 05:32:02 GMT
ETag: "6483b10f491dc607412899efad695a04"
Content-Encoding: gzip
x-amz-version-id: ...
Accept-Ranges: bytes
Content-Type: text/plain; charset=utf-8
Content-Length: 559354
Server: AmazonS3
  • 從 CloudFront 請求但未指定Accept-Encoding: gzip(或只是故意將其拼寫為gzp):

curl <cloudfront URL> -H "Origin: example.com" -I

HTTP/2 200
content-type: text/plain; charset=utf-8
content-length: 559354
date: Sat, 03 Aug 2019 06:05:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Content-Length
last-modified: Sat, 03 Aug 2019 05:32:02 GMT
etag: "6483b10f491dc607412899efad695a04"
content-encoding: gzip
x-amz-version-id: ...
accept-ranges: bytes
server: AmazonS3
vary: Origin
age: 1572
x-cache: Hit from cloudfront
via: 1.1 xxxxx.cloudfront.net (CloudFront)
x-amz-cf-pop: ...
x-amz-cf-id: ...
  • 從 CloudFront 請求指定Accept-Encoding: gzip

curl <cloudfront URL> -H "Accept-Encoding: gzip" -H "Origin: example.com" -I

HTTP/2 200
content-type: text/plain; charset=utf-8
content-length: 559354
date: Sat, 03 Aug 2019 05:39:50 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
last-modified: Sat, 03 Aug 2019 05:32:02 GMT
etag: "6483b10f491dc607412899efad695a04"
content-encoding: gzip
x-amz-version-id: ...
accept-ranges: bytes
server: AmazonS3
vary: Origin
age: 3239
x-cache: Hit from cloudfront
via: 1.1 xxxx.cloudfront.net (CloudFront)
x-amz-cf-pop: ...
x-amz-cf-id: ...

請注意,access-control-expose-headers: Content-Length只是因為我們設置了Accept-Encoding: gzip.

(另請注意,即使Accept-Encoding: gzip已設置,S3 也很樂意返回它。)

有什麼方法可以讓 CloudFrontAccess-Control-Expose-Headers在請求時保留標頭Accept-Encoding: gzip

我相信我可能已經找到了答案。有必要Accept-Encoding在 CloudFront 記憶體行為中添加白名單標頭集。這樣做然後執行失效似乎可以解決它。

引用自:https://serverfault.com/questions/977818