Comments (5)
Hello @clayton-cc - thanks for reaching out with the issue.
Just had to refresh myself with my own code 😄. This is interesting and yes, I took the description outlined in the event structure to read that "path" must be either `/` or a `/path/to/resource`.
On re-read, it seems I may very well have that wrong - and in addition the example given on the event structure page itself for an example origin request shows the following:
```json
"origin": {
    "custom": {
        "customHeaders": {},
        "domainName": "example.org",
        "keepaliveTimeout": 5,
        "path": "",
        "port": 443,
        "protocol": "https",
        "readTimeout": 30,
        "sslProtocols": [
            "TLSv1",
            "TLSv1.1",
            "TLSv1.2"
        ]
    }
}
```
yes, an empty "path" 😄.
So I think the fixes should be:
- Update `isValidPath()` under `payloadVerifyRequestOrigin()` to allow either:
  - empty string.
  - a string starting with a `/` - but not ending with `/` (current behaviour).
  - But it should no longer allow just `/` as per your tests. This is an error.
- Also noted from docs - when a custom origin path must not exceed 255 characters - so I'll add that check in too. Missed this during the initial build of edgy.
- Update `setOriginCustom()` and `setOriginS3()` methods to ensure the given `path` is also validated by `isValidPath()` logic on set - and throw an exception if not valid.
I'm going to find some time to do the same as you - spin up a test/POC CloudFront/S3 and Lambda@Edge function on the origin request point in the request lifecycle and confirm these settings of `path` first.
Sorry @clayton-cc - haven't forgotten about this - just trying to find the time to test/remediate. 😄
Working through the possible options for `.path` - some results:
- Setting `request.origin.s3.path = '';` - works 👍
- Setting `request.origin.s3.path = '/';`: The Lambda function returned an invalid origin configuration: The value of OriginPath is invalid. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner. If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
- Setting `request.origin.s3.path = '/apples/';`: The Lambda function returned an invalid origin configuration: The value of OriginPath is invalid. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner. If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
- Setting `request.origin.s3.path = '/apples';` - works 👍
Hello @clayton-cc - I'm finally trying to get around to this issue - yes, it's been over a year!
Yep - based on my tests above with a CloudFront distribution, you're 100% correct - I've currently got the rules/tests slightly wrong ☝️.
Thus, the rules of `path` should be:
- Empty string (`''`) is valid.
- A value of single `/` is invalid.
- Start with a forward slash, but not end with one is valid.
In addition, as noted in AWS docs - for custom paths:
For custom origins only, the path should be URL encoded and have a maximum length of 255 characters.
Will now work to fix this / make better.
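The path rules listed in the comment above, written out as a validator and a validate-on-set helper. This is an added example, not part of the original thread and not edgy's own code: `checkOriginPath`, `setOriginPath` and `runThreadCases` are hypothetical names, and the reading of "URL encoded" used for custom origins is an assumption.

```javascript
// Added example: not edgy's implementation; all function names are hypothetical.
const MAX_CUSTOM_ORIGIN_PATH = 255; // custom-origin limit quoted from the AWS docs in the thread

// Returns null when the path is acceptable, otherwise a reason string.
function checkOriginPath(path, originType) {
  if (typeof path !== 'string') return 'path must be a string';
  if (path === '') return null; // empty string is valid
  if (path === '/') return 'a single "/" is invalid';
  if (!path.startsWith('/')) return 'path must start with "/"';
  if (path.endsWith('/')) return 'path must not end with "/"';

  if (originType === 'custom') {
    if (path.length > MAX_CUSTOM_ORIGIN_PATH) {
      return `path exceeds ${MAX_CUSTOM_ORIGIN_PATH} characters`;
    }
    // Assumption: "URL encoded" is read as "every % begins a %XX escape and
    // no raw whitespace or control characters appear in the path".
    if (/%(?![0-9A-Fa-f]{2})/.test(path) || /[\s\x00-\x1f\x7f]/.test(path)) {
      return 'path is not URL encoded';
    }
  }
  return null;
}

// Validate on set, so a bad value throws inside the function instead of
// surfacing to viewers as an "invalid origin configuration" error.
function setOriginPath(request, originType, path) {
  const reason = checkOriginPath(path, originType);
  if (reason !== null) throw new RangeError(`invalid origin path: ${reason}`);
  request.origin[originType].path = path;
  return request;
}

// Constructed sample input: the four values tested in the thread.
function runThreadCases() {
  return ['', '/', '/apples/', '/apples'].map(
    (p) => [p, checkOriginPath(p, 's3') === null]
  );
}

console.log(runThreadCases());
```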
Have completed the fixes here finally! 🎉
Addressed in commits: ce7516b, 6dc348e, 93a3251.
All part of release v1.3.0+.
Thanks again @clayton-cc for bringing this issue to my attention 👍