CORS issues with CloudFront and S3 - amazon-s3

Some of our users are getting this error in the browser consoles:
XMLHttpRequest cannot load https://d2ynz9y5qgba7.cloudfront.net/icons/instagram.svg.
No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'https://www.weld.io'; is therefore not allowed access.
These are the current headers:
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 21038
Content-Length: 1086
Content-Type: image/svg+xml
Date: Wed, 23 Mar 2016 10:00:12 GMT
Etag: "5cc3b790e15d7736b95880001521630b"
Last-Modified: Wed, 18 Mar 2015 10:20:32 GMT
Server: AmazonS3
Via: 1.1 8cdc69e06e564b9aef153cf0b52204b0.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 0lD_0czYTm6i5f7RlURkG2dcQx_B252LC2GOu98anzHH1k1eaz2lmg==
X-Cache: Hit from cloudfront
As you can see, Access-Control-Allow-Origin is indeed present.
We are also "whitelisting" Origin on CloudFront.
What could be the cause of this issue?

Related

RestSharp Issue With 402 Response

I'm using RestSharp to interface with the Auth0 and Sisense APIs. Everything's working fine except when deleting a user in Auth0. I send the delete request as a DELETE and Auth0 successfully deletes the user.
Here is the response I'm getting from Auth0:
HTTP/1.1 204 No Content
Date: Wed, 19 Feb 2020 16:35:28 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Server: nginx
ot-tracer-spanid: 21cd87957d9bac76
ot-tracer-traceid: 25a636cb6e5fd4ca
ot-tracer-sampled: true
x-ratelimit-limit: 50
x-ratelimit-remaining: 49
x-ratelimit-reset: 1582130129
vary: origin,accept-encoding
cache-control: no-cache
Strict-Transport-Security: max-age=15724800
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
And here's what I'm getting in the RestSharp response:
System.Runtime.Serialization.SerializationException: Invalid JSON string
at RestSharp.RestClientExtensions.ThrowIfError(IRestResponse response)
at RestSharp.RestClientExtensions.DeleteAsync[T](IRestClient client, IRestRequest request)
I'm making a call to a Sisense web service and RestSharp is handling the 402 just fine. Here's the Sisense response:
HTTP/1.1 204 No Content
Date: Wed, 19 Feb 2020 16:32:14 GMT
Connection: keep-alive
Set-Cookie: sisense-cookieCORS=***************************; Path=/; SameSite=None; Secure
Set-Cookie: sisense-cookie=***************************; Path=/
X-UA-Compatible: IE=Edge
x-xss-protection: 1; mode=block
x-frame-options: ALLOW-FROM https://****************************************************
content-security-policy: frame-ancestors ****************************************************
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: -1
Pragma: no-cache
The main difference between the two is the Content-Type directive present in Auth0. Is that what's causing the problem? Is there a workaround?

Why can't googlebot fetch my JavaScript file?

https://api-staging-weld.freetls.fastly.net/scripts/customdomain_weld.19f3e9ec.js
The error I get in Google Search Console is Temporarily unreachable with no further explanation. I think it's something with my http headers but can't figure out which one. Here they are:
accept-ranges: bytes
access-control-allow-origin: *
age: 4905
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 29990
content-type: application/javascript; charset=UTF-8
date: Fri, 20 Apr 2018 12:46:37 GMT
etag: W/"1a018-162e269bfe0"
last-modified: Fri, 20 Apr 2018 09:36:44 GMT
server: Cowboy
status: 200
vary: Accept-Encoding
via: 1.1 vegur
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-powered-by: Express
x-served-by: cache-bma7030-BMA
x-timer: S1524228398.925110,VS0,VE6
What's wrong or what am i Missing?

HHVM + Apache + Varnish + Drupal 404

This seems like quite an odd thing to be happening, but I'm getting 404 responses but the pages are still displaying as expected.
I do have a slightly odd setup on this server, as we're running HHVM for PHP pages and using Varnish as we need to direct some of the pages to our old server.
We're running Drupal on this server and it seems to work fine except the 404 response seems to be stopping the login form from working.
I was going to add some images to show what's going on, but unfortunately don't have enough reputation....
here's the what we get from a GET -Sed request
pete#pete-work ~ $ GET -Sed http://beta.newint.org/user
GET http://beta.newint.org/user
404 Not Found
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 27 May 2015 15:14:23 GMT
Via: 1.1 varnish
Age: 0
Server: Apache
Vary: Accept-Encoding
Content-Language: en
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Client-Date: Wed, 27 May 2015 15:14:23 GMT
Client-Peer: 178.79.141.247:80
Client-Response-Num: 1
Client-Transfer-Encoding: chunked
ImageToolbar: false
Link: <http://beta.newint.org/user>; rel="canonical",<http://beta.newint.org/user>; rel="shortlink"
Title: User account | Site-Install
X-Generator: Drupal 7 (http://drupal.org)
X-Meta-Charset: utf-8
X-Meta-Generator: Drupal 7 (http://drupal.org)
X-Meta-Viewport: width=device-width, maximum-scale = 1.0
X-Powered-By: HHVM/3.7.0
X-Varnish: 1786764394
And then bypassing varnish and going straight to apache
pete#pete-work ~ $ GET -Sed http://beta.newint.org:8080/user
GET http://beta.newint.org:8080/user
404 Not Found
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 27 May 2015 15:14:31 GMT
Server: Apache
Vary: Accept-Encoding
Content-Language: en
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Client-Date: Wed, 27 May 2015 15:14:32 GMT
Client-Peer: 178.79.141.247:8080
Client-Response-Num: 1
Client-Transfer-Encoding: chunked
ImageToolbar: false
Link: <http://beta.newint.org:8080/user>; rel="canonical",<http://beta.newint.org:8080/user>; rel="shortlink"
Title: User account | Site-Install
X-Generator: Drupal 7 (http://drupal.org)
X-Meta-Charset: utf-8
X-Meta-Generator: Drupal 7 (http://drupal.org)
X-Meta-Viewport: width=device-width, maximum-scale = 1.0
X-Powered-By: HHVM/3.7.0
Any ideas?
Turns out this was simply due to mod_rewrite not being enabled.

Webmaster tools do not show a website as verified using Site Verification API

Why Google webmaster tool doesn't show the verified site on the webmaster tool? I am getting status code 200 when using both OAuth 2 playground and my program. But when check on https://www.google.com/webmasters/tools/ I cannot see the verified site.
This is the response I am getting from Google:
HTTP/1.1 200 OK
Content-length: 220
Via: HTTP/1.1 GWA
X-content-type-options: nosniff
Etag: "00deUEyKiunbfrZpRY_GOwanRBXo/rPzr3x8uGF7cZ_o8tWZ9Z9Yp87RwQU"
X-google-cache-control: remote-fetch
-content-encoding: gzip
Server: GSE
X-xss-protection: 1; mode=block
Pragma: no-cache
Cache-control: no-cache, no-store, max-age=0, must-revalidate
Date: Wed, 10 Jul 2013 09:38:26 GMT
X-frame-options: SAMEORIGIN
Content-type: application/json; charset=UTF-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
{"id":"http%3A%2F%2Fsample.net%2F","site":{"type":"SITE","identifier":"http://sample.net/"},"owners":["sample#gmail.com"]}
Can anyone suggest the reason behind this?

Can I update an existing Amazon S3 object header properties?

I have a problem of Content-Type empty for video files and wanted to update those objects with Content-Type: video/** based on extension of the file. But when i am using the put method for same key/bucket with content-type it is being overridden with '0' content-length.
Can I update an existing Amazon S3 object? link says
put will override the file s3 object which doesn't serve my purpose.
Note: I don't want to use Java SDK. I want to use normal the Java httpput due to memory constraints of the mobile.
What you could try is to use the PUT COPY request with the same source and target.
PUT /yourvideo.flv HTTP/1.1
Host: bucket.s3.amazonaws.com
Date: Wed, 28 Oct 2009 22:32:00 GMT
x-amz-copy-source: /bucket/yourvideo.flv
Authorization: AWS AKIAIOSFODNN7EXAMPLE:0RQf4/cRonhpaBX5sCYVf1bNRuU=
Apparently python boto modifies metadata this way
Yes, I can confirm, copy is working:
PUT /test/123.png HTTP/1.1\r\n
Host: yourbucket.s3.amazonaws.com\r\n
Accept-Encoding: identity\r\n
Content-Length: 0\r\n
x-amz-storage-class: STANDARD\r\n
x-amz-copy-source: yourbucket/test/123.png\r\n
Date: Fri, 11 Jan 2013 15:16:48 GMT\r\n
Content-Type: image/gif\r\n # this is the content-type set
Authorization: AWS AKXXXXXDDRXXXXXX63CA:RcktkZ9nPwsXXXXXd+KXXXXXY=\r\n
x-amz-metadata-directive: REPLACE\r\n
\r\n
S3 Reply:
HTTP/1.1 200 OK
x-amz-id-2: Vf1bRJd+e4ru0y73GB0Ra0xYB2vv6GLWYKsHAC4AzE+a8uZB56Xy8+YTDkJ0/wfN
x-amz-request-id: C0E6A2823F3FB3E9
Date: Fri, 11 Jan 2013 15:16:49 GMT
Content-Type: application/xml
Content-Length: 234
Server: AmazonS3
Verification:
HEAD /test/123.png HTTP/1.1\r\n
Host: yourbucket.s3.amazonaws.com\r\n
Accept-Encoding: identity\r\n
Date: Fri, 11 Jan 2013 15:25:23 GMT\r\n
Content-Length: 0\r\n
Authorization: AWS AXXXIXXXXMDDXXXXX7XXXCA :HoZ4Woxxw6SWlxxxx000Rxxm8ODQ=\r\n
\r\n
S3 replies with the correct content-type ( the one I set wrongly to image/gif instead of image/png )
HTTP/1.1 200 OK
x-amz-id-2: 7Ut6sdm6i+1h7Di5UrB4v9Sn3mVCNjyDnkb4rm1jGzN6wBTgDT2/yCSHdrKG12Jd
x-amz-request-id: 38A1F6EC6ECD1D2D
Date: Fri, 11 Jan 2013 15:25:24 GMT
Last-Modified: Fri, 11 Jan 2013 15:25:24 GMT
ETag: "c09fad0faf4e6bb1148670af78b6de41"
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 122311
Server: AmazonS3