设置 Accept-Encoding 时,CloudFront 会删除 Access-Control-Expose-Headers 标头

tag-icon tag-icon amazon-web-services amazon-s3 amazon-cloudfront cors
设置 Accept-Encoding 时,CloudFront 会删除 Access-Control-Expose-Headers 标头

我正在尝试让 CloudFront 提供一个 gzip 压缩的文本文件以及Content-Length: <bytes>Access-Control-Expose-Headers: Content-Length标头,以便在使用时可以显示下载进度fetch()

我的设置是:

  1. 在将文件上传到 S3 之前,请使用 gzip 对其进行预压缩,然后进行设置Content-Encoding: gzip。(使用 CloudFront 的自动压缩意味着它会被即时压缩,并且Content-Length不会设置标头。)
  2. S3 的 CORS 设置Allow-Control-Expose-Headers: Content-Length如下:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>HEAD</AllowedMethod>
    <AllowedHeader>*</AllowedHeader>
    <ExposeHeader>Content-Length</ExposeHeader>
</CORSRule>
</CORSConfiguration>
  1. CloudFront 设置与相应的 S3 Origin 以及:
    • 允许 GET、HEAD、OPTIONS
    • Origin 标头已列入白名单
    • “自动压缩对象”已禁用

使用此配置我得到:

  • 从 S3 请求:

    curl <s3 URL> -H "Accept-Encoding: gzip" -H "Origin: example.com" -I

HTTP/1.1 200 OK
x-amz-id-2: ...
x-amz-request-id: ...
Date: Sat, 03 Aug 2019 06:28:41 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: Content-Length
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Sat, 03 Aug 2019 05:32:02 GMT
ETag: "6483b10f491dc607412899efad695a04"
Content-Encoding: gzip
x-amz-version-id: ...
Accept-Ranges: bytes
Content-Type: text/plain; charset=utf-8
Content-Length: 559354
Server: AmazonS3

  • 从 CloudFront 请求没有指定Accept-Encoding: gzip(或者干脆故意拼写错误为gzp):

    curl <cloudfront URL> -H "Origin: example.com" -I

HTTP/2 200
content-type: text/plain; charset=utf-8
content-length: 559354
date: Sat, 03 Aug 2019 06:05:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Content-Length
last-modified: Sat, 03 Aug 2019 05:32:02 GMT
etag: "6483b10f491dc607412899efad695a04"
content-encoding: gzip
x-amz-version-id: ...
accept-ranges: bytes
server: AmazonS3
vary: Origin
age: 1572
x-cache: Hit from cloudfront
via: 1.1 xxxxx.cloudfront.net (CloudFront)
x-amz-cf-pop: ...
x-amz-cf-id: ...

  • 从 CloudFront 请求指定Accept-Encoding: gzip

    curl <cloudfront URL> -H "Accept-Encoding: gzip" -H "Origin: example.com" -I

HTTP/2 200
content-type: text/plain; charset=utf-8
content-length: 559354
date: Sat, 03 Aug 2019 05:39:50 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
last-modified: Sat, 03 Aug 2019 05:32:02 GMT
etag: "6483b10f491dc607412899efad695a04"
content-encoding: gzip
x-amz-version-id: ...
accept-ranges: bytes
server: AmazonS3
vary: Origin
age: 3239
x-cache: Hit from cloudfront
via: 1.1 xxxx.cloudfront.net (CloudFront)
x-amz-cf-pop: ...
x-amz-cf-id: ...

请注意,access-control-expose-headers: Content-Length由于我们设置了,因此标头从 CloudFront 响应标头中删除Accept-Encoding: gzip

Accept-Encoding: gzip(另请注意,即使设置了,S3 也很乐意返回它。)

Access-Control-Expose-Headers当请求时,有没有什么方法可以让 CloudFront 保留标头Accept-Encoding: gzip

答案1

我相信我可能已经找到了答案。有必要Accept-Encoding在 CloudFront 缓存行为中添加白名单标头集。执行此操作然后运行无效化似乎可以解决此问题。

相关内容