New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support want-digest request headers [DELIVERY-8988] #34
Conversation
want_digest = None | ||
|
||
if want_digest == "sha-256": | ||
response["headers"]["digest"] = [ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Question: do you also have to check whether the response from origin was successful? If we got an error or other unusual response, I don't think we should add the digest. This is a question since I don't know whether the origin-response event is designed so that the lambda is invoked also on failures (I guess that it probably is, since there's valid use-cases to do things with failures from origin).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm only able to get any of the custom response headers, including this one, to appear on successful requests;
$ curl -I -H "Want-Digest: sha-256" https://d15jsmjyzkkmm9.cloudfront.net/content/beta/rhel8/8/x86_64/exodus/os/repodata/repomd.xml
HTTP/2 200
content-type: binary/octet-stream
content-length: 3078
last-modified: Wed, 19 Feb 2020 22:29:29 GMT
accept-ranges: bytes
server: AmazonS3
digest: sha-256=/2179040d967e28d988110b532cb4d39c5056002a3a2529984eff1c0a41e9c35e
date: Mon, 30 Mar 2020 19:35:34 GMT
etag: "713c7d8bd32a849c332b88b16b500240"
cache-control: max-age=600
x-cache: Hit from cloudfront
via: 1.1 ec9b50c7bee8c251b0724c3c8490c1e4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1
x-amz-cf-id: BKhdxbrUMjR6FW9TKE9IVdgUm7-gEhSDcrkUQsqRYlH7_IRiXLW-Ew==
(Ignore the "/" in the checksum, it was cached before I discovered the error)
Creating a table item which points to an invalid object key got me the following;
$ curl -I -H "Want-Digest: sha-256" https://d15jsmjyzkkmm9.cloudfront.net/content/test/bad/path/repomd.xml
HTTP/2 404
content-length: 0
server: CloudFront
date: Mon, 30 Mar 2020 19:54:24 GMT
x-cache: Error from cloudfront
via: 1.1 15cde442051269a0307a638d23683c8c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
x-amz-cf-id: nNilA3dXMxW07j2nL6IX7rpNUsaD9rsOQoCiwawNEMPaD3kLr46UkA==
age: 185
If we want to be sure, I guess we could check content-length header before setting any custom response headers.
31c8eb4
to
8b71f14
Compare
03d29f0
to
deb5433
Compare
This commit enables id-sha-256 digest header in the response for any want-digest, regardless of requested algorithm.
This commit enables id-sha-256 digest header in the response for any
want-digest, regardless of requested algorithm.