amazon-s3amazon-cloudfrontcustom-headers

AWS cloudfront add custom header without using Lambda@Edge


I would like to add x-frame-options as sameorigin to AWS CloudFront service that serving my application on S3 bucket.

I don't want add new Lambda function to edit requests header.

Actually I found a place under like Attached file:

CloudFront Distributions -> My Distribution settings -> Origins and Origin Groups -> S3 Content item that represent my app -> add Origin Custom Headers -> Header name: x-frame-options, Value :sameorigin

but when deployment going to finish still getting old headers in all related request on S3 bucket files and URL's.

enter image description here

How can I add to headers without any Lambda function just directly working with existing AWS CloudFront panel?


Solution

  • As of November 2021, Cloudfront now supports Response Headers Policies. This allows you to associate a policy with your distribution which defines additional response headers to be returned. If you don't want to use the full Security Headers canned policy, you could create a custom policy with just x-frame-options.