Cloudfront没有将If-None-Match发送到我的源站。

huangapple go评论74阅读模式
英文:

Cloudfront not sending If-None-Match to my origin

问题

我尝试配置Cloudfront在资源过期时发送If-None-Match到我的自定义源,以便在未发生更改时返回304状态码。但出于某种原因,我无法让Cloudfront执行这项操作。

我的自定义源响应如下头部信息:

HTTP/2 200 
content-type: application/json; charset=utf-8
content-length: 181691
access-control-allow-origin: *
cache-control: max-age=5
date: Fri, 17 Feb 2023 21:16:49 GMT
x-content-type-options: nosniff
x-frame-options: DENY
etag: W/"15-mbAPvGdFm9PuCZHJFTtrwm@3"
vary: Accept-Encoding

因此,我发送了5秒的缓存控制和一个弱e-tag。

我的Cloudfront缓存策略最小TTL为1,转发了Origin和一些x-头部信息,同时转发了所有查询字符串,但不转发Cookie。压缩已开启。

我的自定义源请求策略为"AllViewer"。

请求经过Cloudfront,经典的AWS负载均衡器,然后到达一个处理并发送响应的Kubernetes Pod。

出于某种原因,当资源过期时,Cloudfront从未向我的自定义源发送If-None-Match头部。如果我在curl命令中手动指定If-None-Match头部发送请求到Cloudfront,我的自定义源可以正确地看到它并做出响应。没有中间环节删除If-None-Match头部,所以问题必然是Cloudfront首次未发送它。

有没有任何可能导致问题的想法?我已经仔细查阅了文档,但没有找到有效的解决方法。

谢谢!

英文:

I'm trying to configure Cloudfront to send an If-None-Match to my custom origin when a resource expires, so that I can respond with a 304 if nothing has changed. For some reason, I'm unable to get Cloudfront to do so.

My origin responds with these headers:

HTTP/2 200 
content-type: application/json; charset=utf-8
content-length: 181691
access-control-allow-origin: *
cache-control: max-age=5
date: Fri, 17 Feb 2023 21:16:49 GMT
x-content-type-options: nosniff
x-frame-options: DENY
etag: W/"15-mbAPvGdFm9PuCZHJFTtrwm@3"
vary: Accept-Encoding

So, sending cache-control of 5 seconds and a weak e-tag.

My cloudfront cache policy has min ttl of 1, forwards headers Origin and a few x- ones, forwards all query strings. No cookies. Compression is turned on.

My origin request policy is "AllViewer".

The request is traveling to Cloudfront, which goes through a classic AWS load balancer, which hits a kubernetes pod that handles and sends the response.

For some reason, Cloudfront never sends an If-None-Match header to my origin when resource expires. If I manually specify an If-None-Match header in my request in a curl command to Cloudfront, my origin does see it and responds correctly. No no intermediate hop is removing the If-None-Match header, so it must be that Cloudfront is not sending it in the first place.

Any ideas what could be wrong? I've been pouring over the documentations but have not found anything that worked.

Thanks!

答案1

得分: 2

原来问题出在源请求策略上。我选择了“所有查看者”,这会将所有标头/查询/cookie都转发到源站点。然而,这也阻止了 Cloudfront 发送 if-none-match!清除源请求策略解决了问题...

英文:

Turns out the reason is the Origin Request Policy. I had picked "All Viewer" which would've forwarded all headers / queries / cookies to the origin. However, this also prevented Cloudfront from sending if-none-match! Setting no Origin Request Policy fixed the issue...

huangapple
  • 本文由 发表于 2023年2月18日 09:18:18
  • 转载请务必保留本文链接:https://go.coder-hub.com/75490579.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定