Added new cached headers #36

Closed


dylanratcliffe
Member

No description provided.


github-actions bot commented Nov 29, 2023

Expected Changes

updated cloudfront-response-headers-policy › 8ed09a88-177f-4f37-a844-66b7b54a7cda
--- current
+++ planned
@@ -4,6 +4,7 @@
       access_control_allow_headers:
         - items:
             - X-Example-Header
+            - X-More-Headers
       access_control_allow_methods:
         - items:
             - GET
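
Review bot: the added `- X-More-Headers` item sits under access_control_allow_headers, which is the CORS allow-headers list and not a cache setting, so the PR title "Added new cached headers" does not match what this hunk changes. The PR has no description, so nothing here says which client needs to send X-More-Headers cross-origin or why. Please state that in the description and either retitle the PR or move the change to the setting that was actually intended. Because this widens what the policy permits, also confirm that X-More-Headers is the real header name and not a placeholder like the neighbouring X-Example-Header.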

Blast Radius

Items: 110, Edges: 84

Risks

Inadvertent Caching of Sensitive Headers [Medium]

The addition of X-More-Headers to the AWS CloudFront response headers policy could potentially include sensitive data that should not be cached. Analyzing the current state of the cloudfront-response-headers-policy, it is unclear what kind of data X-More-Headers will carry and if sensitive information is at risk. Without knowing the exact content and intention behind X-More-Headers, this change could lead to unintended caching of sensitive data, violating privacy policies and potentially exposing it to end users.

Misconfiguration of CORS Policy [Low]

Modifying the access_control_allow_headers by appending X-More-Headers might affect the CORS policy given the current setup of the cloudfront-response-headers-policy. The CORS headers defined are crucial for resource sharing between different origins. Improper configuration here may disrupt client application interactions that depend on CORS. The impact on the application's functionality cannot be estimated without understanding the interactions between the added headers and client applications.

Increased Response Header Size [Low]

The updated configuration will increase the size of the response headers by adding a new header (X-More-Headers). Although the impact might be minimal, it is possible that a significantly large or unoptimized header could have performance implications, especially if the content served by CloudFront requires frequent fetching. Evaluating the average size and necessity of X-More-Headers is suggested before deploying this change.

Impact on Upstream Services due to Additional Headers [Low]

Adding X-More-Headers to the CloudFront response headers could affect the behavior of upstream services or APIs. Depending on the design of these services, they may not be prepared to handle additional headers, leading to processing issues or errors. Without adequate validation in the service configurations to ensure they expect or properly ignore the new headers, the stability of these services could be at risk.

dylanratcliffe deleted the new-headers branch December 11, 2023 13:50