stackoom
  简体   繁体   中英

CloudFront forwarding Custom Headers to Origin but with null Values

 原文  2019-04-24 08:21:29       amazon-web-services/ asp.net-web-api/ amazon-ec2/ amazon-cloudfront

Question

I am using AWS EC2 for last couple of years. Now I want to enable HTTPS on my application developed in ASP. NET WEB API with front-end in AngularJS. For that I made a CloudFront distribution. It has successfully loaded the static files and called the REST API on EC2 hosted in IIS. But unfortunately the custom headers have null as a value when the requests came from CloudFront to my origin.

I have done the following relevant configurations on CloudFront distribution.

Following is my setting for custom origin headers. 起源

Following is my setting for cache behaviors. 缓存行为

Further setting included the following:

  • Whitelist Cookies: Authorization, VDName
  • Query String Forwarding and Caching: Forward all, cache based on all
  • Origin Protocol Policy: HTTP Only
  • Viewer Protocol Policy: Redirect HTTP to HTTPS

My app has a login page where no Authorization is required. On successful login the app sets three custom headers.

  1. Authorization
  2. x-working-company
  3. x-working-branch

My app is successfully logging in the users but then logging them out automatically. So, To check this issue I wrote the following little code in my Authorization class to check the header values. 

valToUpd.Add("S6", "CHK1");
valToUpd.Add("S7", "Before Null");
valToUpd.Add("S8", request.Headers.Count().ToString());
valToUpd.Add("S9", request.Headers.GetValues("Authorization").Single());
valToUpd.Add("S10", request.Headers.GetValues("x-working-company").Single());
valToUpd.Add("S11", request.Headers.GetValues("x-working-branch").Single());
var toUpdt = "";
if (request.Headers.Any(x => x.Key == "Authorization"))
    toUpdt = "A-";
if (request.Headers.Any(x => x.Key == "x-working-company"))
    toUpdt += "C-";
if (request.Headers.Any(x => x.Key == "x-working-branch"))
    toUpdt += "B-";
var ds = request.Headers.Where(x => x.Key == "x-working-branch").Select(c => c.Value);
toUpdt += " br val = ";
foreach (var item in ds)
{
    foreach (var i in item)
    {
        toUpdt += i + " - ";
    }
}
valToUpd.Add("S12", toUpdt);
usersHelperAdo.Update("Users", whereClause, valToUpd); // Its my DAL method to update values in Users table as per the where clause.

And as expected the CloudFront do forward the headers to my origin but with null values. The results are as follows:

数据库值

Following is the FireFox developer mode, where my front end is sending the request to CloudFront with all the custom headers with appropriate values. But then CloudFront is forwarding those headers to origin but making the values null.

FireFox开发人员模式

So, what am I doing wrong? Why CloudFront pass null as a value in my headers. Any help is highly appreciated. Many Thanks!

EDIT

I tried to hit the API's with Postman and following are the screenshots.

The following shows my call to the Login method and as expected it returns the Auth token with other custom headers set in the response.

邮递员登录

I extracted the required headers from response and send another GET request and received the following.

邮递员GET通话

It throws 403 forbidden error. Its weird that in browser dev mode it throws 401 Unauthorized error and in Postman it is 403 Forbidden.

Any help. Thanks

1 answers

solution1
 1 ACCPTED  2019-04-24 08:59:40

Setting Origin Custom Headers will have CloudFront include them in every request to your origin and if a header is already supplied it is overridden. This is not what you want and this explains why you see null values (you added your headers without values).

Origin Custom Headers should be used for constant values only or when you explicitly need to override a header.

In your case, you need to whitelist the headers in the Cache Behavior Settings by entering x-working-branch and x-working-company in the Whitelist Headers section and by clicking Add Custom >> as show here:

在此处输入图片说明

(I kept your Authorization and Host headers)

Please note that forwarding headers impacts caching : separate versions are created based on the header values. See also Caching Content Based on Request Headers . This means that different combinations of Authorization , Host , x-working-branch and x-working-company will lead to different versions (this is obviously what you want here to avoid serving the same content to different users). This is also valid for query strings and cookies.

It is really important to understand how CloudFront caches objects. The most important part of the documentation is Managing How Long Content Stays in an Edge Cache (Expiration)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question AWS - Cloudfront - How To Use Origin Custom Headers AWS API Gateway behind CloudFront, forwarding headers? Amazon CloudFront custom origin configuration How to forward host headers to the origin in CloudFront UI? CloudFront Distribution with Custom Origin Redirects Request Api Gateway and Regional Custom Domain as CloudFront Origin How to forward headers from aws cloudfront when origin is s3 Modify Cloudfront origin response with Lambda - read-only headers How to correctly set up Amazon Route 53, CloudFront with custom origin AWS cloudfront cli not creating web distribution for custom origin with compress parameter
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM