Skip to content

chore(cloudfront): add validations on corsBehavior of ResponseHeadersPolicy#32206

Closed
Tietew wants to merge 5 commits intoaws:mainfrom
Tietew:cf-cors-validation
Closed

chore(cloudfront): add validations on corsBehavior of ResponseHeadersPolicy#32206
Tietew wants to merge 5 commits intoaws:mainfrom
Tietew:cf-cors-validation

Conversation

@Tietew
Copy link
Copy Markdown
Contributor

@Tietew Tietew commented Nov 20, 2024
edited
Loading

Issue # (if applicable)

N/A

Reason for this change

Currently, the values in corsBehavior of ResponseHeadersPolicy have no validations.
This PR adds validations for user's convenience.

Description of changes

Added following validations for corsBehavior:

  • accessControlAllowHeaders: should be >= 1 items, should not contain multiple * chars, should not contain illegal chars
  • accessControlAllowMethods: should be ['ALL'] or set of allowed method names
  • accessControlAllowOrigins: should be >= 1 items
  • accessControlExposeHeaders: should not contain illegal chars

Description of how you validated changes

Added unit tests on each edge case.
For details of the illegal characters above, see RFC 9110 section 5.6.2.

Checklist

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@github-actions github-actions bot added the p2 label Nov 20, 2024
@aws-cdk-automation aws-cdk-automation requested a review from a team November 20, 2024 06:34
@github-actions github-actions bot added the admired-contributor [Pilot] contributed between 13-24 PRs to the CDK label Nov 20, 2024
Tietew
Tietew commented Nov 20, 2024
View reviewed changes
packages/aws-cdk-lib/aws-cloudfront/lib/response-headers-policy.ts Outdated
throw new Error('accessControlAllowHeaders needs to have at least one item');
} else if (headers.some((header) => !Token.isUnresolved(header) && containsMultipleStars(header))) {
// Invalid request provided: AWS::CloudFront::ResponseHeadersPolicy
throw new Error("accessControlAllowHeaders contains multiple '*' chars; only 1 is allowed");
Copy link
Copy Markdown
Contributor Author

@Tietew Tietew Nov 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Management Console shows error:
image

@codecov
Copy link
Copy Markdown

codecov bot commented Nov 20, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 77.17%. Comparing base (01f2dcd) to head (f709c5a).
Report is 117 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #32206   +/-   ##
=======================================
  Coverage   77.17%   77.17%           
=======================================
  Files         105      105           
  Lines        7169     7169           
  Branches     1315     1315           
=======================================
  Hits         5533     5533           
  Misses       1455     1455           
  Partials      181      181
Flag Coverage Δ
suite.unit 77.17% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
packages/aws-cdk 77.17% <ø> (ø)

@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Nov 20, 2024
@aws-cdk-automation
Copy link
Copy Markdown
Collaborator

aws-cdk-automation commented Nov 22, 2024

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: f709c5a
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@github-actions github-actions bot mentioned this pull request Dec 1, 2024
Closed
@Tietew Tietew closed this Dec 13, 2024
@Tietew Tietew deleted the cf-cors-validation branch December 13, 2024 05:22
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Dec 13, 2024

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 13, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

admired-contributor [Pilot] contributed between 13-24 PRs to the CDK p2 pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Tietew @aws-cdk-automation