AWS上是否允许使用正文获取请求? 来自CloudFront的403错误
[英]Are Get request with body allowed on AWS? 403 error from CloudFront
问题描述
I published an api to AWS with Visual Studio and using the template for AWS Serverless application project, for now I am testing the methods with postman, but all get methods that require a body are returning an error that mentions cloudfront in the response, I do not know if the issue is related to cloudfront or if it is the AWS HTTP 1.1 specification implementation that does not allow get requests with body: 
我使用Visual Studio向AWS发布了api,并使用了适用于AWS无服务器应用程序项目的模板,现在我正在使用postman测试方法,但所有需要正文的get方法都返回了一个错误,在响应中提到了cloudfront,我这样做了不知道该问题是否与cloudfront相关,或者是否是不允许使用正文获取请求的AWS HTTP 1.1规范实现:
Note:Get requests with body were a requirement from our client 注意:获取身体请求是我们客户的要求
RFC 7231 HTTP/1.1 specification says the following: A payload within a GET request message has no defined semantics; RFC 7231 HTTP / 1.1规范说明如下:GET请求消息中的有效负载没有定义的语义; sending a payload body on a GET request might cause some existing implementations to reject the request. 在GET请求上发送有效负载主体可能会导致某些现有实现拒绝该请求。
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The request could not be satisfied</TITLE>
</HEAD>
<BODY>
<H1>403 ERROR</H1>
<H2>The request could not be satisfied.</H2>
<HR noshade size="1px">
Bad request.
<BR clear="all">
<HR noshade size="1px">
<PRE>
Generated by cloudfront (CloudFront)
Request ID:
</PRE>
<ADDRESS></ADDRESS>
</BODY>
</HTML>
so my questions are: 所以我的问题是:
- are get request with body allowed in AWS? 在AWS中获得允许身体的请求?
- How AWS deals with get request with body? AWS如何通过正文获取请求?
- is there a way to make work get requests with body on AWS? 有没有办法让工作在AWS上获取请求?
I saw almost the same question here: AWS GET request with body rejected by CloudFront 我在这里看到几乎相同的问题: 身份被CloudFront拒绝的AWS GET请求
and they point to this document: https://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started-lambda-non-proxy-integration.html that says if you send a get request with body it returns a 400 error, but the error I am getting is 403 error 他们指向这个文档: https : //docs.aws.amazon.com/apigateway/latest/developerguide/getting-started-lambda-non-proxy-integration.html ,它说如果你发送一个带有正文的get请求它会返回400错误,但我得到的错误是403错误
so could you clarify a little bit more? 所以你能澄清一点吗? or could you point to an amazon document that mentions the restrictions on get requests? 或者你能否指出一个亚马逊文件提到获取请求的限制?
Many Thanks 非常感谢
1 个解决方案
解决方案1
0 2019-04-30 04:06:57
GET request with Body is not allowed on CloudFront, You will get 403 if you send body, though RFC does not specifically say that you should reject GET with body but CloudFront doesn't allow that. 在CloudFront上不允许使用Body获取GET请求,如果您发送正文,则会获得403,尽管RFC没有明确说明您应该拒绝使用正文GET,但CloudFront不允许这样做。 The best option to pass body in GET request is by query string(Maximum length of a request, including headers and query strings 20,480 bytes). 在GET请求中传递body的最佳选择是查询字符串(请求的最大长度,包括头和查询字符串20,480字节)。
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html
GET Requests That Include a Body If a viewer GET request includes a body, CloudFront returns an HTTP status code 403 (Forbidden) to the viewer. 获取包含正文的请求如果查看者GET请求包含正文,则CloudFront会向查看者返回HTTP状态代码403(禁止)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.