Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
2.0k views
in Technique[技术] by (71.8m points)

amazon web services - CloudFront Distribution with Custom Origin Redirects Request

I set up a CloudFront distribution to work with a Custom Origin - my client's web server (www.mydomain.com).

When I load my webpage and check the Network tab of the Chrome web inspector, the assets are shown as coming from the origin server (www.mydomain.com), and the "Initiator" column shows the CloudFront URL as a redirect. I take that to mean that CloudFront is redirecting the asset request to my origin server, which pretty much defeats the purpose.

When I set up the distribution, I left the TTL at the default value, which I believe means 24 hours.

If I use an S3 bucket as the origin instead of a web server, the assets load directly from CloudFront as expected.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

If you see your own server domain in the URL for the asset, it means that CloudFront received a redirect response when it went to fetch the asset and is serving that redirect as the cached result. This is definitely not what you want.

I had a similar problem that I solved after seeing one of the answers on this post:

Magento - Amazon Cloudfront CDN and Caching

I was redirecting from domain.com to www.domain.com and CloudFront was caching and returning that redirect. You would probably see the same thing with an http/https redirect.

If you're doing an HTTP -> HTTPS redirect, you have two options: You can either serve the assets to CloudFront as HTTP or make CloudFront request them as HTTPS. To do the latter, you would need to configure your CloudFront origin to "Match Viewer." That means that if the viewer is using HTTPS, CloudFront will also. If the user is using HTTP, CloudFront would request in HTTP, return the HTTPS redirect it received from your server, and the client would then re-issue the request as HTTPS.

In our case, the assets themselves do not need to be protected in-flight. It is only important that they are served from CloudFront as HTTPS so the user's browser is seeing all HTTPS content. So, in our case, it is not necessary to serve the assets to CloudFront as HTTPS. Regardless of how it fetches the content from our server, CloudFront will match the viewer's protocol when it responds.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...