Tuesday, May 31, 2016

Using CORS with Amazon CloudFront

curl -I -s -X GET -H "Origin: www.rubyplus.com" https://cdn.rubyplus.com/assets/favicon-b73a7c5b51d68c8f821e1c0e44083c8b8762c977bd620995642c32fb074d2941.ico


$ curl -I -s -X GET -H "Origin: www.rubyplus.com" https://cdn.rubyplus.com/assets/favicon-b73a7c5b51d68c8f821e1c0e44083c8b8762c977bd620995642c32fb074d2941.ico
HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 7406
Connection: keep-alive
Date: Wed, 01 Jun 2016 05:47:45 GMT
Server: Apache/2.2.22 (Ubuntu)
Last-Modified: Thu, 03 Mar 2016 08:51:13 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 01 Jun 2017 05:47:45 GMT
X-Cache: Miss from cloudfront
Via: 1.1 aa96a51fedae85199c643eb5c8eca4e4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: p697DTznUAZ_KZ11Xju2o7NvTcadsRVXDfZOnhluNFruy9ydoB66_w==

zepho-mac-pro:blog5 zepho$ curl -I -s -X GET -H "Origin: www.rubyplus.com" https://cdn.rubyplus.com/assets/favicon-b73a7c5b51d68c8f821e1c0e44083c8b8762c977bd620995642c32fb074d2941.ico
HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 7406
Connection: keep-alive
Date: Wed, 01 Jun 2016 05:47:45 GMT
Server: Apache/2.2.22 (Ubuntu)
Last-Modified: Thu, 03 Mar 2016 08:51:13 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Thu, 01 Jun 2017 05:47:45 GMT
Age: 23
X-Cache: Hit from cloudfront
Via: 1.1 f46e4d7bc5419470a70eb57aa9c935c8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: n6-6jiHmOd25W16ws30v21U9odCOQ1y6xH70o5RMM9tbh91i-abF0w==

The response does not have:

Access-Control-Allow-Origin: *.example.com

The changes are still in progress on Amazon CDN. Wait for 30 minutes or so and test again.

Firefox errors:

Downloadable font: download failed (font-family: "OpenSans-Regular" style:normal weight:normal stretch:normal src index:0): bad URI or cross-site access not allowed
source: https://cdn.rubyplus.com/assets/OpenSans-Regular-e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee.ttf


Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://cdn.rubyplus.com/assets/OpenSans-Regular-e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee.ttf. This can be fixed by moving the resource to the same domain or enabling CORS.


CORS
Using CORS with CloudFront and S3
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)