AWS cloudfront 在不使用 Lambda@Edge 的情况下添加自定义标头 [英] AWS cloudfront add custom header without using Lambda@Edge
问题描述
我想将 x-frame-options 作为 sameorigin 添加到在 S3<上为我的应用程序提供服务的 AWS CloudFront 服务/strong> 桶.
我不想添加新的 Lambda 函数来编辑请求标头.
其实我在附件下找到了一个地方:
CloudFront Distributions -> My Distribution settings -> Origins and Origin Groups -> 代表我的应用程序的 S3 内容项 -> 添加 Origin 自定义标头 -> 标头名称:x-frame-options,值:同源
但是当部署完成时,仍然在 S3 存储桶文件和 URL 的所有相关请求中获取旧标头.
如何在没有任何 Lambda 函数的情况下直接使用现有的 AWS CloudFront 面板添加标头?
您正在配置的源自定义标头"不是添加到源响应中的标头,而是添加到向源发出的请求中的标头.来自 CloudFront 文档:><块引用>
您可以配置 CloudFront 以向请求添加自定义标头它发送到您的原点.这些自定义标头使您能够发送并从您的来源收集您无法获得的信息典型的观众请求.这些标题甚至可以为每个起源.CloudFront 支持自定义标头和自定义标头Amazon S3 起源.
所以这不是添加响应头的选项.虽然存在使用S3元数据来影响标头的可能性返回给查看器,这仅适用于 Content-Type-header,因此这既不是一个选项.
最好的选择是使用 Lambda@Edge 函数.虽然这听起来像是一个繁琐且昂贵的解决方案,但实际上并非如此.对于您的用例,Lambda@Edge 函数的代码可以如下所示简单:
def lambda_handler(event, context):response = event["Records"][0]["cf"]["response"]response["headers"]["x-frame-options"] = ":sameorigin"返回响应当您将此 Lambda@Edge 函数配置为在 CloudFront 中的源响应"事件上触发时,它不会针对每个查看器请求执行,而是仅在返回给查看器的内容未被 CloudFront 缓存并且必须首先从 S3 获取.这有助于最大限度地减少由执行 Lambda@Edge 函数引起的额外延迟和成本.
I would like to add x-frame-options as sameorigin to AWS CloudFront service that serving my application on S3 bucket.
I don't want add new Lambda function to edit requests header.
Actually I found a place under like Attached file:
CloudFront Distributions -> My Distribution settings -> Origins and Origin Groups -> S3 Content item that represent my app -> add Origin Custom Headers -> Header name: x-frame-options, Value :sameorigin
but when deployment going to finish still getting old headers in all related request on S3 bucket files and URL's.
How can I add to headers without any Lambda function just directly working with existing AWS CloudFront panel?
The "Origin Custom Headers" you're configuring aren't headers which get added to the response from the origin, but rather to the request made to the origin. From the CloudFront documentation:
You can configure CloudFront to add custom headers to the requests that it sends to your origin. These custom headers enable you to send and gather information from your origin that you don’t get with typical viewer requests. These headers can even be customized for each origin. CloudFront supports custom headers for both for custom and Amazon S3 origins.
So that's no option for adding response headers. While there exists the possibility to use S3 metadata to influence the headers returned to the viewer, this only works for the Content-Type-header, so this is neither an option.
The best option is to use a Lambda@Edge function. While that sounds like a cumbersome and expensive solution, it actually isn't. For your use case the code of that Lambda@Edge function could be as simple as shown below:
def lambda_handler(event, context):
response = event["Records"][0]["cf"]["response"]
response["headers"]["x-frame-options"] = ":sameorigin"
return response
When you configure this Lambda@Edge function to trigger on "Origin Response" events in CloudFront, it won't be executed for every viewer request, but instead only when the content returned to the viewer isn't cached by CloudFront and has to be fetched from S3 first. This helps minimizing the additionally latency and cost induced by the execution of the Lambda@Edge function.
这篇关于AWS cloudfront 在不使用 Lambda@Edge 的情况下添加自定义标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
