Bobcares

CloudFront “Access control allow origin header” error


Stuck with CloudFront access control allow origin header error? We can help you.

At Bobcares we assist our customers with several AWS queries as part of our AWS Support Services for AWS users, and online service providers.

Today, let us see how our Support Techs resolve this CloudFront issue.

 

How to resolve CloudFront “Access control allow origin header” error?

To avoid the error, verify the following:

  • The origin’s cross-origin resource sharing (CORS) policy allows the origin to return the “Access-Control-Allow-Origin” header.
  • The CloudFront distribution forwards the appropriate headers.
  • The CloudFront distribution’s cache behavior allows the OPTIONS method for HTTP requests.

Today, let us see the steps followed by our Support Techs to resolve this error.

The origin’s CORS policy allows the origin to return the “Access-Control-Allow-Origin” header

Firstly, check if the origin returns the “Access-Control-Allow-Origin” header by running a curl command similar to the following:

curl -H "origin: example.com" -v "https://www.anything.net/video/call/System.generateId.dwr"

If the CORS policy allows the origin to return the header, the command returns a message similar to the following:

HTTP/1.1 200 OK
Server: nginx/1.10.2
Date: Mon, 01 May 2018 03:06:41 GMT
Content-Type: text/html
Content-Length: 3770
Last-Modified: Thu, 16 Mar 2017 01:50:52 GMT
Connection: keep-alive
ETag: "58c9ef7c-eba"
Access-Control-Allow-Origin: example.com
Accept-Ranges: bytes

 

The CloudFront distribution forwards the appropriate headers

Once you set up CORS on your origin, configure your CloudFront distribution to forward the headers that are required by your origin.

If your origin is an S3 bucket, you need to configure your distribution to forward the following headers to Amazon S3:

  • Access-Control-Request-Headers
  • Access-Control-Request-Method
  • Origin

To forward the headers using a cache policy, follow these steps:

  • Follow the steps to create a cache policy using the CloudFront console.
  • Then, under Cache key contents, for Headers, select Whitelist. From the list of headers, select one of the headers required by your origin.
  • Then, choose Add header. Repeat this step for all the headers required by your origin.
  • Complete all other settings of the cache policy based on the requirements of the behavior that you’re attaching the policy to.
  • Finally, follow the steps to attach the cache policy to the relevant behavior of your CloudFront distribution.

 

To forward the headers using legacy cache settings, follow these steps:

  • Firstly, open your distribution from the CloudFront console.
  • Choose the Behaviors tab.
  • Choose Create Behavior, or choose an existing behavior, and then choose Edit.
  • For Cache and origin request settings, select Use legacy cache settings.
  • For Cache Based on Selected Request Headers, choose Whitelist.
  • Under Whitelist Headers, choose the headers required by your origin from the menu on the left. Then, choose Add.
  • Choose Yes, Edit.

 

The CloudFront distribution’s cache behavior allows the OPTIONS method for HTTP requests

If the issue persists, try allowing the OPTIONS HTTP method in your distribution’s cache behavior.

By default, CloudFront allows only the GET and HEAD methods, but some web browsers might issue OPTIONS requests (the CORS preflight) before the actual request.

To enable the OPTIONS method on your CloudFront distribution, follow these steps:

  • Open your distribution from the CloudFront console.
  • Choose the Behaviors tab.
  • Choose Create Behavior, or choose an existing behavior, and then choose Edit.
  • For Allowed HTTP Methods, select GET, HEAD, OPTIONS.
  • Choose Yes, Edit.
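
The last two checks can be run over every cache behavior at once. The following is an added example, not code from Bobcares or AWS: it audits a constructed sample shaped like the DistributionConfig printed by aws cloudfront get-distribution-config. The sample values, the policy ID and the function names are assumptions, and it covers only the cache policy and legacy routes described above, not origin request policies.

```python
# Headers the page lists for an S3 origin, lower-cased for comparison.
REQUIRED = {"origin", "access-control-request-headers", "access-control-request-method"}

# Constructed sample in the shape of a CloudFront DistributionConfig;
# paths and IDs are placeholders, not values from a real distribution.
SAMPLE_CONFIG = {
    "DefaultCacheBehavior": {  # legacy cache settings
        "AllowedMethods": {"Quantity": 2, "Items": ["GET", "HEAD"]},
        "ForwardedValues": {"Headers": {"Quantity": 1, "Items": ["Origin"]}},
    },
    "CacheBehaviors": {"Quantity": 1, "Items": [{  # cache policy attached
        "PathPattern": "/video/*",
        "AllowedMethods": {"Quantity": 3, "Items": ["GET", "HEAD", "OPTIONS"]},
        "CachePolicyId": "EXAMPLE-POLICY-ID",
    }]},
}
# Constructed CachePolicyConfig documents, keyed by policy ID.
SAMPLE_POLICIES = {"EXAMPLE-POLICY-ID": {"ParametersInCacheKeyAndForwardedToOrigin": {
    "HeadersConfig": {"HeaderBehavior": "whitelist", "Headers": {"Quantity": 3, "Items": [
        "Origin", "Access-Control-Request-Headers", "Access-Control-Request-Method"]}}}}}

def forwarded_headers(behavior, policies):
    """Lower-cased set of request headers this behavior whitelists."""
    policy_id = behavior.get("CachePolicyId")
    if policy_id:  # cache policy route
        params = policies.get(policy_id, {}).get("ParametersInCacheKeyAndForwardedToOrigin", {})
        cfg = params.get("HeadersConfig", {})
        items = cfg.get("Headers", {}).get("Items", []) if cfg.get("HeaderBehavior") == "whitelist" else []
    else:  # legacy cache settings route
        items = behavior.get("ForwardedValues", {}).get("Headers", {}).get("Items", [])
    if "*" in items:  # legacy "All" setting forwards every header
        return set(REQUIRED)
    return {h.lower() for h in items}

def audit(config, policies):
    """Map each behavior's path pattern to a list of CORS findings."""
    behaviors = [("Default (*)", config["DefaultCacheBehavior"])]
    for b in config.get("CacheBehaviors", {}).get("Items") or []:
        behaviors.append((b["PathPattern"], b))
    report = {}
    for name, b in behaviors:
        findings = []
        if "OPTIONS" not in b.get("AllowedMethods", {}).get("Items", []):
            findings.append("OPTIONS not allowed")
        missing = REQUIRED - forwarded_headers(b, policies)
        if missing:
            findings.append("not forwarded: " + ", ".join(sorted(missing)))
        report[name] = findings
    return report
```

Calling audit(SAMPLE_CONFIG, SAMPLE_POLICIES) returns an empty findings list for the /video/* behavior and two findings for the default behavior, which is missing OPTIONS and two of the three headers.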

 


Conclusion

Today, we saw how our Support Techs resolved the CloudFront “Access control allow origin header” error.

 

 
