Skip to content

Commit

Permalink
Merge pull request #261 from markcarroll/staging
Browse files Browse the repository at this point in the history 
Fix bug where wrong origin set on API CORS policy
  • Loading branch information
@echo-bravo-yahoo
echo-bravo-yahoo authored Apr 29, 2019
2 parents c450eed + 82de394 commit b5cba88
Showing 1 changed file with 8 additions and 14 deletions.
22 changes: 8 additions & 14 deletions cloudformation/template.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -184,7 +184,7 @@ Resources:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token'"
method.response.header.Access-Control-Allow-Origin: !If [ 'DevelopmentMode', "'*'", !If [
'UseCustomDomainName',
!Join ['', [ "'https://", !GetAtt CustomDomainCloudfrontDistribution.DomainName, "'" ]],
!Join ['', [ "'https://", !Ref CustomDomainName, "'" ]],
!Join ['', [ "'https://", !GetAtt DefaultCloudfrontDistribution.DomainName, "'" ]]
]]
passthroughBehavior: when_no_match
Expand Down Expand Up @@ -231,7 +231,7 @@ Resources:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token'"
method.response.header.Access-Control-Allow-Origin: !If [ 'DevelopmentMode', "'*'", !If [
'UseCustomDomainName',
!Join ['', [ "'https://", !GetAtt CustomDomainCloudfrontDistribution.DomainName, "'" ]],
!Join ['', [ "'https://", !Ref CustomDomainName, "'" ]],
!Join ['', [ "'https://", !GetAtt DefaultCloudfrontDistribution.DomainName, "'" ]]
]]
passthroughBehavior: when_no_match
Expand Down Expand Up @@ -278,7 +278,7 @@ Resources:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token'"
method.response.header.Access-Control-Allow-Origin: !If [ 'DevelopmentMode', "'*'", !If [
'UseCustomDomainName',
!Join ['', [ "'https://", !GetAtt CustomDomainCloudfrontDistribution.DomainName, "'" ]],
!Join ['', [ "'https://", !Ref CustomDomainName, "'" ]],
!Join ['', [ "'https://", !GetAtt DefaultCloudfrontDistribution.DomainName, "'" ]]
]]
passthroughBehavior: when_no_match
Expand Down Expand Up @@ -325,7 +325,7 @@ Resources:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token'"
method.response.header.Access-Control-Allow-Origin: !If [ 'DevelopmentMode', "'*'", !If [
'UseCustomDomainName',
!Join ['', [ "'https://", !GetAtt CustomDomainCloudfrontDistribution.DomainName, "'" ]],
!Join ['', [ "'https://", !Ref CustomDomainName, "'" ]],
!Join ['', [ "'https://", !GetAtt DefaultCloudfrontDistribution.DomainName, "'" ]]
]]
passthroughBehavior: when_no_match
Expand Down Expand Up @@ -398,7 +398,7 @@ Resources:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token'"
method.response.header.Access-Control-Allow-Origin: !If [ 'DevelopmentMode', "'*'", !If [
'UseCustomDomainName',
!Join ['', [ "'https://", !GetAtt CustomDomainCloudfrontDistribution.DomainName, "'" ]],
!Join ['', [ "'https://", !Ref CustomDomainName, "'" ]],
!Join ['', [ "'https://", !GetAtt DefaultCloudfrontDistribution.DomainName, "'" ]]
]]
passthroughBehavior: when_no_match
Expand Down Expand Up @@ -458,7 +458,7 @@ Resources:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token'"
method.response.header.Access-Control-Allow-Origin: !If [ 'DevelopmentMode', "'*'", !If [
'UseCustomDomainName',
!Join ['', [ "'https://", !GetAtt CustomDomainCloudfrontDistribution.DomainName, "'" ]],
!Join ['', [ "'https://", !Ref CustomDomainName, "'" ]],
!Join ['', [ "'https://", !GetAtt DefaultCloudfrontDistribution.DomainName, "'" ]]
]]
passthroughBehavior: when_no_match
Expand Down Expand Up @@ -510,7 +510,7 @@ Resources:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token'"
method.response.header.Access-Control-Allow-Origin: !If [ 'DevelopmentMode', "'*'", !If [
'UseCustomDomainName',
!Join ['', [ "'https://", !GetAtt CustomDomainCloudfrontDistribution.DomainName, "'" ]],
!Join ['', [ "'https://", !Ref CustomDomainName, "'" ]],
!Join ['', [ "'https://", !GetAtt DefaultCloudfrontDistribution.DomainName, "'" ]]
]]
passthroughBehavior: when_no_match
Expand Down Expand Up @@ -1366,7 +1366,6 @@ Resources:
DistributionConfig:
Aliases:
- !Ref CustomDomainName
- !Join [ '', [ 'www.', !Ref CustomDomainName ] ]
CustomErrorResponses:
- ErrorCode: 403
ResponseCode: 403
Expand Down Expand Up @@ -1443,19 +1442,14 @@ Resources:
# this is a "magic string" for using CFN aliases; see this link:
# https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-aliastarget.html
HostedZoneId: 'Z2FDTNDATAQYW2'
- Name: !Join [ '', [ 'www.', !Ref CustomDomainName, '.' ] ]
Type: A
AliasTarget:
DNSName: !Join [ '', [ !GetAtt CustomDomainCloudfrontDistribution.DomainName, '.' ] ]
HostedZoneId: 'Z2FDTNDATAQYW2'

Outputs:
WebsiteURL:
Value: !If [ 'DevelopmentMode',
!Join [ '', [ 'https://', !GetAtt DevPortalSiteS3Bucket.RegionalDomainName, '/index.html' ]],
!If [
'UseCustomDomainName',
!Join [ '', [ 'https://', !GetAtt CustomDomainCloudfrontDistribution.DomainName ]],
!Join [ '', [ 'https://', !Ref CustomDomainName ]],
!Join [ '', [ 'https://', !GetAtt DefaultCloudfrontDistribution.DomainName ]]
]
]
Expand Down

0 comments on commit b5cba88

Please sign in to comment.