亚马逊是否将自定义标头传递给来源？ [英] Does Amazon pass custom headers to origin?

问题描述

我正在使用CloudFront将请求转发给亚马逊以外托管的服务。该服务受保护，我们期望调用我们的服务的应用程序可以传递授权标头。

I am using CloudFront to front requests to our service hosted outside of amazon. The service is protected and we expect an "Authorization" header to be passed by the applications invoking our service.

我们尝试从Cloud Front调用我们的服务，但看起来标头被云前端丢弃。因此，服务拒绝该请求，客户端获得401禁止响应。
对于某些不需要授权的静态请求，我们没有收到任何错误，并且得到了CloudFront的正确响应。

We have tried invoking our service from Cloud Front but looks like the header is getting dropped by cloud front. Hence the service rejects the request and client gets 401 forbidden response. For some static requests, which do not need authorization, we are not getting any error and are getting proper response from CloudFront.

我已经查看了CloudFront文档并且没有有关如何处理标头的特定信息，因此希望它们按原样传递，但事实并非如此。

I have gone through CloudFront documentation and there is no specific information available on how headers are handled and hence was hoping that they will be passed as is, but looks like thats not the case. Any guidance from you folks?

推荐答案

可在此处找到或删除或修改标头的列表

The list of the headers CF drops or modifies can be found here

http：// docs。 aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html#RequestCustomRemovedHeaders

这篇关于亚马逊是否将自定义标头传递给来源？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！