{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 做个烂人 的问题《Cloudfront CORS only works for subdomain》','https://www.manongdao.com/q-713876.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm with a very strange behavior with CORS using Cloudfront + S3
When I run
curl -I -s -X GET -H "Origin: https://myapp.com" https://s3.amazonaws.com/myapp/assets/fontawesome-webfont.woff | grep Access
and
curl -I -s -X GET -H "Origin: https://**www.**myapp.com" https://s3.amazonaws.com/myapp/assets/fontawesome-webfont.woff | grep Access
Both return the values as expected:
Access-Control-Allow-Origin: https://musicjungle.com.br
Access-Control-Allow-Methods: GET Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000 Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers,
Access-Control-Request-Method
But when I try to run the same curl using the Cloudfront URL, just the www subdomain works
curl -I -s -X GET -H "Origin: https://www.myapp.com" https://d1bfllp5zjnl7u.cloudfront.net/assets/fontawesome-webfont.woff | grep Access
Access-Control-Allow-Origin: https://www.musicjungle.com.br
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, HEAD
Access-Control-Max-Age: 3000 Access-Control-Allow-Credentials: true
The below command doesn't return the headers as expected
curl -I -s -X GET -H "Origin: https://myapp.com" https://d1bfllp5zjnl7u.cloudfront.net/assets/fontawesome-webfont.woff | grep Access
Any ideia why this could be happening? I already allowed Origin for both servers on S3 CORS configuration (as we can see above), but it seems to be something on Cloudfront configuration, that only allows "www.myapp.com".
If I understand you right, I'd say it's a matter of CloudFront's Request Headers cache settings...
– Source.
So, go to your Distribution and edit your Behavior to allow CloudFront to cache objects based on the values of the
Originheaders:After new settings are established, create an Invalidation for the affected files.