From 0941d4a09608feae1f918af76588b6b0c46e44a7 Mon Sep 17 00:00:00 2001 From: Sym Roe Date: Tue, 1 Aug 2023 13:33:07 +0100 Subject: [PATCH 1/8] More generic caching of front end --- sam-template.yaml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/sam-template.yaml b/sam-template.yaml index 90a836556..32ceb0aca 100644 --- a/sam-template.yaml +++ b/sam-template.yaml @@ -528,16 +528,13 @@ Resources: SslSupportMethod: sni-only DefaultCacheBehavior: - AllowedMethods: [ GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE ] + AllowedMethods: [ GET, HEAD, OPTIONS ] TargetOriginId: Dynamic ForwardedValues: QueryString: true Cookies: - Forward: "all" - Headers: - - Authorization - - Origin - - Referer + Forward: "none" + DefaultTTL: 3600 ViewerProtocolPolicy: "redirect-to-https" CacheBehaviors: From 18c1876d1f28c66ae97e084054ea952c2d614df3 Mon Sep 17 00:00:00 2001 From: Sym Roe Date: Tue, 1 Aug 2023 13:34:20 +0100 Subject: [PATCH 2/8] DELETE --- .circleci/config.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 3aea373bf..f076db763 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -278,14 +278,14 @@ workflows: - build_and_test - sam_build context: [ deployment-development-wcivf, slack-secrets ] - filters: { branches: { only: [ main, master, staging, hotfix/make-token-more-unique ] } } + filters: { branches: { only: [ main, master, staging, fix-cache ] } } - post_deploy_tests: name: post_deploy_tests_development dc-environment: development requires: - sam_deploy_development context: [ deployment-development-wcivf, slack-secrets ] - filters: { branches: { only: [ main, master, staging, hotfix/make-token-more-unique ] } } + filters: { branches: { only: [ main, master, staging, fix-cache ] } } - code_deploy: name: code_deploy_development dc-environment: development @@ -295,7 +295,7 @@ workflows: requires: - post_deploy_tests_development context: [ deployment-development-wcivf, slack-secrets ] - filters: { branches: { only: [ main, master, staging, hotfix/make-token-more-unique ] } } + filters: { branches: { only: [ main, master, staging, fix-cache ] } } - sam_deploy: name: sam_deploy_staging dc-environment: staging From ab0e814a4520f7fb2efc0fa13d81d73bed58200e Mon Sep 17 00:00:00 2001 From: Sym Roe Date: Tue, 1 Aug 2023 13:41:24 +0100 Subject: [PATCH 3/8] fixup! More generic caching of front end --- sam-template.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sam-template.yaml b/sam-template.yaml index 32ceb0aca..01d1e3d56 100644 --- a/sam-template.yaml +++ b/sam-template.yaml @@ -534,7 +534,7 @@ Resources: QueryString: true Cookies: Forward: "none" - DefaultTTL: 3600 + DefaultTTL: 3600 ViewerProtocolPolicy: "redirect-to-https" CacheBehaviors: From 4084181023549e56a06c1e23ab0d8d3f512ceeb8 Mon Sep 17 00:00:00 2001 From: Sym Roe Date: Tue, 1 Aug 2023 13:53:11 +0100 Subject: [PATCH 4/8] fixup! More generic caching of front end --- sam-template.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sam-template.yaml b/sam-template.yaml index 01d1e3d56..9b6e69a61 100644 --- a/sam-template.yaml +++ b/sam-template.yaml @@ -528,7 +528,7 @@ Resources: SslSupportMethod: sni-only DefaultCacheBehavior: - AllowedMethods: [ GET, HEAD, OPTIONS ] + AllowedMethods: [ GET, HEAD, OPTIONS, POST ] TargetOriginId: Dynamic ForwardedValues: QueryString: true From e0dcae17fba6bfc5a3990700c7daacbc1af5c3bc Mon Sep 17 00:00:00 2001 From: Sym Roe Date: Tue, 1 Aug 2023 13:55:37 +0100 Subject: [PATCH 5/8] Disable cache for the admin interface --- sam-template.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/sam-template.yaml b/sam-template.yaml index 9b6e69a61..c267c787c 100644 --- a/sam-template.yaml +++ b/sam-template.yaml @@ -551,6 +551,19 @@ Resources: - Origin ViewerProtocolPolicy: "redirect-to-https" MinTTL: '50' + - AllowedMethods: [ GET, HEAD, OPTIONS, POST] + PathPattern: admin/* + TargetOriginId: Dynamic + Compress: true + ForwardedValues: + QueryString: true + Cookies: + Forward: 'all' + Headers: + - Authorization + - Origin + ViewerProtocolPolicy: "redirect-to-https" + CachePolicyId: "4135ea2d-6df8-44a3-9df3-4b5a84be39ad" DnsRecord: Type: AWS::Route53::RecordSet From 223baf0657f1bc5631763a0c5403d33b8fbcfce5 Mon Sep 17 00:00:00 2001 From: Sym Roe Date: Tue, 1 Aug 2023 14:03:25 +0100 Subject: [PATCH 6/8] fixup! More generic caching of front end --- sam-template.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sam-template.yaml b/sam-template.yaml index c267c787c..bf1dbb8d6 100644 --- a/sam-template.yaml +++ b/sam-template.yaml @@ -528,7 +528,7 @@ Resources: SslSupportMethod: sni-only DefaultCacheBehavior: - AllowedMethods: [ GET, HEAD, OPTIONS, POST ] + AllowedMethods: [ HEAD, DELETE, POST, GET, OPTIONS, PUT, PATCH ] TargetOriginId: Dynamic ForwardedValues: QueryString: true From d67c3d74599b912dbe50aa36e0b3fd50b3239b18 Mon Sep 17 00:00:00 2001 From: Sym Roe Date: Tue, 1 Aug 2023 14:03:38 +0100 Subject: [PATCH 7/8] fixup! Disable cache for the admin interface --- sam-template.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sam-template.yaml b/sam-template.yaml index bf1dbb8d6..0ba419580 100644 --- a/sam-template.yaml +++ b/sam-template.yaml @@ -551,7 +551,7 @@ Resources: - Origin ViewerProtocolPolicy: "redirect-to-https" MinTTL: '50' - - AllowedMethods: [ GET, HEAD, OPTIONS, POST] + - AllowedMethods: [ HEAD, DELETE, POST, GET, OPTIONS, PUT, PATCH] PathPattern: admin/* TargetOriginId: Dynamic Compress: true From 79746daeb3c7d0152b2f8e9bec5e078a9706e69c Mon Sep 17 00:00:00 2001 From: Sym Roe Date: Tue, 1 Aug 2023 14:18:43 +0100 Subject: [PATCH 8/8] fixup! Disable cache for the admin interface --- sam-template.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/sam-template.yaml b/sam-template.yaml index 0ba419580..837815f2c 100644 --- a/sam-template.yaml +++ b/sam-template.yaml @@ -562,6 +562,7 @@ Resources: Headers: - Authorization - Origin + - Referer ViewerProtocolPolicy: "redirect-to-https" CachePolicyId: "4135ea2d-6df8-44a3-9df3-4b5a84be39ad"