I developed an AWS Lambda Proxy using Serverless in order to call a private API, process its result and return it.
It's simple enough, though the private API does not return anything once "X-Forwarded-For" is set in the HTTP request.
I haven't found a way to blacklist this header in CloudFront, nor in CloudFormation or API Gateway.
Where should I look?
For reference, the serverless.yml I use:

service: mylambda

provider:
  name: aws
  runtime: java8
  memorySize: 1024
  timeout: 240

package:
  artifact: target/awslambda-1.0-SNAPSHOT.jar

functions:
  leboncoinlist:
    handler: com.example.awslambda.handler.HttpRequestHandler
    events:
      - http:
          path: list
          method: post
          cors: true
Amazon Lambda does not allow the setting of X-Forwarded-* headers. It is already a part of the blacklisted headers. If you were to set it as a part of your Lambda function, the default behaviour of CloudFront is that the request fails CloudFront validation. CloudFront returns HTTP status code 502 (Bad Gateway) to the viewer.
See the following link for more on list of blacklisted headers: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-requirements-limits.html#lambda-cloudfront-star-headers
If you want CloudFront to add any of the CloudFront-* headers, you must configure CloudFront to cache based on these headers. For information about configuring CloudFront to cache based on specified headers, see this link for more: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesForwardHeaders
Please note that for viewer events, CloudFront-Viewer-Country is blacklisted. Blacklisted headers aren't exposed and can't be added by Lambda@Edge functions. If your Lambda function adds a blacklisted header, the request fails CloudFront validation, and CloudFront returns HTTP status code 502 (Bad Gateway) to the viewer.
Hope this helps.
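An added example, not part of the answer above or of the asker's code: one way to keep forwarding headers away from the private API is to filter them inside the Lambda handler before the outbound call. It assumes the handler copies the incoming API Gateway proxy event headers onto the request it sends upstream; the class and method names are hypothetical and the sample headers are constructed.

```java
import java.util.LinkedHashMap;
import java.util.Locale;
import java.util.Map;

public class ForwardingHeaderFilter {

    // Returns a copy of the incoming headers without X-Forwarded-* or
    // Forwarded (RFC 7239). Header names are case-insensitive, so the
    // comparison is done on a lower-cased copy of the name.
    static Map<String, String> stripForwarding(Map<String, String> incoming) {
        Map<String, String> outbound = new LinkedHashMap<>();
        if (incoming == null) {
            return outbound; // e.g. a test invocation with no headers map
        }
        for (Map.Entry<String, String> e : incoming.entrySet()) {
            String name = e.getKey().toLowerCase(Locale.ROOT);
            if (name.startsWith("x-forwarded-") || name.equals("forwarded")) {
                continue; // never relay client-path information upstream
            }
            outbound.put(e.getKey(), e.getValue());
        }
        return outbound;
    }

    public static void main(String[] args) {
        // Constructed sample of the "headers" map from a proxy event.
        Map<String, String> event = new LinkedHashMap<>();
        event.put("Content-Type", "application/json");
        event.put("X-Forwarded-For", "203.0.113.7, 198.51.100.20");
        event.put("x-forwarded-proto", "https");
        event.put("X-Forwarded-Port", "443");
        event.put("Accept", "application/json");

        Map<String, String> outbound = stripForwarding(event);
        System.out.println(outbound);
        // In the handler, apply each remaining entry to the upstream call:
        //   connection.setRequestProperty(entry.getKey(), entry.getValue());
    }
}
```

Filtering with an allow-list of the few headers the private API actually needs is stricter than this deny-list and avoids relaying anything else the gateway injects.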