Strip S3 metadata from headers sent to clients for exported images about grid HOT 9 CLOSED

It doesn't look like removing the headers sent by S3 is possible in AWS, so I would lean towards stripping the headers via Fastly when we serve them using custom VCL:

sub vcl_deliver {
  remove resp.http.X-Whatever;
}

from grid.

@theefer I need a Fastly account to do this though 🚀

from grid.

I'm afk at (sic), can you ask Jonathan Westlake or Rob Carey?

from grid.

*atm

from grid.

Fixed by: https://github.com/guardian/grid-infra/pull/27/files

from grid.

Great!

Can we get frontend to apply the same fix to their Fastly config as part of this (or as a new issue, I don't mind)?

from grid.

@theefer yup, just trying to find the correct vcl to PR against in the repo.

from grid.

Talking to @phamann we agreed that simply adding the custom rules to the Fastly UI was suitable given that they hope to be using ImagIX which strips the headers fairly soon. I've added the rules and the the X-amz-meta headers have disappeared :)

To test:

curl -D - -s -H Host:i.guim.co.uk d.global-ssl.fastly.net/media/w-700/h--/q-95/f3e2ecf2c008761657d11f069a57b94b5598237c/0_151_4016_2409/1000.jpg -o /dev/null

Current output:

HTTP/1.1 200 OK
Content-Type: image/jpeg
ETag: "1ddc68c67df5746e8f113da77a590d69"
Last-Modified: Wed, 01 Apr 2015 23:51:23 GMT
Server: nginx
Content-Length: 111293
Accept-Ranges: bytes
Date: Thu, 02 Apr 2015 10:26:12 GMT
Via: 1.1 varnish
Age: 1339
Connection: keep-alive
X-Served-By: cache-lcy1134-LCY
X-Cache: HIT
X-Cache-Hits: 24
X-Timer: S1427970372.534740,VS0,VE0
Vary: Accept, Accept-Encoding

from grid.

Amazing! 👍

from grid.