0

I have a tomcat web application that is using CloudFront, Apache, and S3 for static content delivery. The static content uses a versioned folder structure to allow for zero downtime upgrades:

V1
    css
    images
    javascript
    fonts
V2
    css
    images
    javascript
    fonts
etc

For everything but css files, these are referenced straight away to the CDN from the application. However, supporting the existing enterprise web application is necessary, so the existing /images and /fonts references cannot be changed.

To combat this, I've set up a custom origin on an apache EC2 that serves as a reverse proxy to the S3 bucket. It uses the referer header from the css file to direct the image reference to the correct directory.

This works fine, except for fonts where firefox reports that a CORS violation is occurring on the EC2. This doesn't make any sense to me since both the all of the content is hosted on the S3 itself.

Nonetheless, I have the CORS configuration set in the S3 bucket, a Header being set in apache for Access-Allow-Control-Origin, and CloudFront passing the Origin header. The css files are served fine with no CORS violations, but the fonts will not be served. Is there a configuration in Apache that I'm missing, or is it something else? I'd appreciate any help I can get.

Thanks

Matthew DeMougin
  • 167
  • 1
  • 9

1 Answers1

0

On June 26, 2014 AWS added support for CORS in CloudFront, are you using this support?

This SO answer provides info about enabling it for a particular distribution: https://stackoverflow.com/a/24459590/3195497

If this is not enabled, then my guess is that CloudFront has cached a response without a Access-Allow-Control-Origin header and is serving that response regardless of what Origin is sent in the request.

Community
  • 1
  • 1
scytacki
  • 1
  • 1