
How can you access cookies on a static S3 site behind a CloudFront distribution?

So I'm trying to deploy my website which works well when in a local environment, but when it is deployed to Cloudfront, it can't seem to access cookies.

My frontend tech stack is as follows: Angular site hosted on S3, cloudfront distribution in front of it, custom domain name with a valid ssl certificate.

When the user navigates to the login page, they can successfully submit the form, and the server responds with a JWT token in the Set-Cookie header.

[Screenshot: Set-Cookie header]

After this though, in the angular site it says that the access-token cookie does not exist. The strange part here is that on subsequent requests, the access-token cookie is in fact forwarded back to the backend. (In the image below, the login button was pressed again, so the response cookie is the same as the request cookie.)

[Screenshot: the token being received and sent over the network.]

I've ensured that HttpOnly is not set, and that the frontend and backend are both hosted under the same root domain: frontend.root.com and api.root.com.

Cloudfront has been configured to forward the access-token cookie:

Cache policy: [Screenshot: cache key settings: headers - none, cookies - none, query strings - none]

Origin request policy (note that it still did not work when I had this set to forward all cookies and not just the access token): [Screenshot: origin request settings: headers - all viewer headers, cookies - access-token, query strings - all]

Response headers settings: [Screenshot: CORS settings for response headers]

So in my angular site, after the /login api call resolves, I use the ngx-cookie-service to check and try to retrieve the cookie.

this.cookieService.check('access-token'); // checks if it exists, returns false
this.cookieService.get('access-token'); // returns '' meaning the cookie does not exist

Any ideas on how to resolve this issue and access the cookies from within my angular site? I can provide more information on my configurations if needed. Thanks!

As you can barely make out in the screenshot, the cookies have the domain set to something starting with "a", suggesting that it is api.root.com; most importantly, it is not frontend.root.com and not root.com.

The server needs to set the domain of the cookie to root.com for it to be available to all subdomains of it.
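To show why the cookie is sent back to api.root.com on later requests yet is invisible to the Angular page on frontend.root.com, here is an added example (not code from the question or the answer) that models the browser's cookie storage rules from RFC 6265: a Set-Cookie with no Domain attribute becomes a host-only cookie for the responding host, a Domain attribute may only name the responding host or one of its parent domains, and a page can read a cookie only if its host domain-matches the stored domain and the cookie is not HttpOnly. The host names are the ones from the question; the model deliberately ignores Path matching and the public suffix list.

```javascript
// Added example (not from the original post). Models how a browser decides
// whether a Set-Cookie response from api.root.com is later visible to a
// page on frontend.root.com (RFC 6265 host-only / domain-match rules).
// Simplified: Path matching and the public suffix list are not modelled.

// Parse a Set-Cookie header value into name, value and lower-cased attributes.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs: {} };
  for (const a of attrs) {
    const i = a.indexOf('=');
    const key = (i === -1 ? a : a.slice(0, i)).toLowerCase();
    cookie.attrs[key] = i === -1 ? true : a.slice(i + 1);
  }
  return cookie;
}

// RFC 6265 section 5.1.3: host domain-matches domain when it is equal to it
// or is a subdomain of it. A leading dot on the domain is ignored.
function domainMatches(host, domain) {
  const h = host.toLowerCase();
  const d = domain.toLowerCase().replace(/^\./, '');
  return h === d || h.endsWith('.' + d);
}

// Store the cookie as a browser would when the response came from responseHost.
// Returns null when the browser would reject the cookie outright.
function storeCookie(header, responseHost) {
  const c = parseSetCookie(header);
  const host = responseHost.toLowerCase();
  if (typeof c.attrs.domain !== 'string') {
    // No Domain attribute: host-only cookie, scoped to exactly the responding host.
    return { ...c, hostOnly: true, domain: host };
  }
  const domain = c.attrs.domain.toLowerCase().replace(/^\./, '');
  // A server may only scope a cookie to itself or to a parent domain.
  if (!domainMatches(host, domain)) return null;
  return { ...c, hostOnly: false, domain };
}

// Would the browser attach this stored cookie to a request to requestHost?
function sentTo(stored, requestHost) {
  if (stored === null) return false;
  const host = requestHost.toLowerCase();
  return stored.hostOnly ? host === stored.domain : domainMatches(host, stored.domain);
}

// Can script on a page served from pageHost read it (document.cookie)?
// Requires the same scoping as sentTo plus the absence of HttpOnly.
function readableByScriptOn(stored, pageHost) {
  return sentTo(stored, pageHost) && !(stored && stored.attrs.httponly);
}

// Constructed sample headers: the situation from the question, and the fix.
const withoutDomain = 'access-token=eyJhbGciOi...; Path=/; Secure';
const withRootDomain = 'access-token=eyJhbGciOi...; Domain=root.com; Path=/; Secure';

// The cookie as issued: sent back to the API, but not visible to the frontend page.
const hostOnlyCookie = storeCookie(withoutDomain, 'api.root.com');
// The cookie scoped to root.com: visible to every subdomain, including the frontend.
const sharedCookie = storeCookie(withRootDomain, 'api.root.com');

console.log('host-only, sent to api.root.com:', sentTo(hostOnlyCookie, 'api.root.com'));
console.log('host-only, readable on frontend.root.com:', readableByScriptOn(hostOnlyCookie, 'frontend.root.com'));
console.log('Domain=root.com, readable on frontend.root.com:', readableByScriptOn(sharedCookie, 'frontend.root.com'));
```

Running it prints true, false, true: the host-only cookie behaves exactly as the screenshots show (forwarded to the API, absent from the Angular page), and only the Domain=root.com variant is readable from frontend.root.com. Widening a cookie to root.com also exposes it to every other subdomain of root.com, so keep the token's lifetime short and Secure set.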
