AWS 上是否允许带有正文的 Get 请求?来自 CloudFront 的 403 错误 [英] Are Get request with body allowed on AWS? 403 error from CloudFront
问题描述
我使用 Visual Studio 向 AWS 发布了一个 api,并使用 AWS 无服务器应用程序项目的模板,现在我正在使用邮递员测试这些方法,但是所有需要主体的 get 方法都返回一个错误,在响应中提到了 cloudfront,我不知道该问题是否与 cloudfront 相关,或者是否是 AWS HTTP 1.1 规范实现不允许带有正文的 get 请求:
I published an api to AWS with Visual Studio and using the template for AWS Serverless application project, for now I am testing the methods with postman, but all get methods that require a body are returning an error that mentions cloudfront in the response, I do not know if the issue is related to cloudfront or if it is the AWS HTTP 1.1 specification implementation that does not allow get requests with body:
注意:获取带有正文的请求是我们客户的要求
Note:Get requests with body were a requirement from our client
RFC 7231 HTTP/1.1 规范说明如下:GET 请求消息中的负载没有定义的语义;在 GET 请求上发送有效负载正文可能会导致一些现有的拒绝请求的实现.
RFC 7231 HTTP/1.1 specification says the following: A payload within a GET request message has no defined semantics; sending a payload body on a GET request might cause some existing implementations to reject the request.
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The request could not be satisfied</TITLE>
</HEAD>
<BODY>
<H1>403 ERROR</H1>
<H2>The request could not be satisfied.</H2>
<HR noshade size="1px">
Bad request.
<BR clear="all">
<HR noshade size="1px">
<PRE>
Generated by cloudfront (CloudFront)
Request ID:
</PRE>
<ADDRESS></ADDRESS>
</BODY>
</HTML>
所以我的问题是:
- 是否允许在 AWS 中获取带有正文的请求?
- AWS 如何处理带有正文的 get 请求?
- 有没有办法让工作在 AWS 上通过 body 获取请求?
我在这里看到了几乎相同的问题:AWS GET request with body被 CloudFront 拒绝
I saw almost the same question here:AWS GET request with body rejected by CloudFront
他们指向这个文件:https://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started-lambda-non-proxy-integration.html 表示如果您发送带有正文的 get 请求返回 400 错误,但我得到的错误是 403 错误
and they point to this document: https://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started-lambda-non-proxy-integration.html that says if you send a get request with body it returns a 400 error, but the error I am getting is 403 error
所以你能再澄清一点吗?或者您能否指出一份提到对获取请求的限制的亚马逊文档?
so could you clarify a little bit more? or could you point to an amazon document that mentions the restrictions on get requests?
非常感谢
推荐答案
GET request with Body is not allowed on CloudFront, you will get 403 if you send body, 虽然RFC没有明确说你应该拒绝GET with body但是CloudFront 不允许这样做.在 GET 请求中传递 body 的最佳选择是通过查询字符串(请求的最大长度,包括标头和查询字符串 20,480 字节).
GET request with Body is not allowed on CloudFront, You will get 403 if you send body, though RFC does not specifically say that you should reject GET with body but CloudFront doesn't allow that. The best option to pass body in GET request is by query string(Maximum length of a request, including headers and query strings 20,480 bytes).
包含正文的 GET 请求如果查看器 GET 请求包含正文,CloudFront 会向查看器返回 HTTP 状态代码 403(禁止).
GET Requests That Include a Body If a viewer GET request includes a body, CloudFront returns an HTTP status code 403 (Forbidden) to the viewer.
这篇关于AWS 上是否允许带有正文的 Get 请求?来自 CloudFront 的 403 错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
