⚠ This page is served via a proxy. Original site: https://github.com
This service does not collect credentials or authentication data.
Skip to content

try setting origin path #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
anthony-nhs merged 2 commits into from
Feb 8, 2026
Merged

try setting origin path #10

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
2432834
try setting origin path
anthony-nhs Feb 8, 2026
d6e129a
remove policy
anthony-nhs Feb 8, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 0 additions & 6 deletions packages/cdk/resources/Cloudfront/CustomSecurityHeaders.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,11 @@ import {ResponseHeadersPolicy, HeadersFrameOption, HeadersReferrerPolicy} from "

export interface CustomResponseHeadersPolicyProps {
policyName: string
fullCognitoDomain: string
}

export class CustomSecurityHeadersPolicy extends Construct {
public readonly policy: ResponseHeadersPolicy
public readonly policyName: string
public readonly fullCognitoDomain: string

constructor(scope: Construct, id: string, props: CustomResponseHeadersPolicyProps) {
super(scope, id)
Expand All @@ -31,10 +29,6 @@ export class CustomSecurityHeadersPolicy extends Construct {
style-src 'self' 'unsafe-inline' https://assets.nhs.uk;
font-src 'self' https://assets.nhs.uk;
img-src 'self' data: https://assets.nhs.uk;
connect-src 'self'
https://*.amazonaws.com
https://*.amazoncognito.com
https://${props.fullCognitoDomain};
object-src 'none';
base-uri 'self';
frame-ancestors 'none';
Expand Down
3 changes: 1 addition & 2 deletions packages/cdk/resources/CloudfrontBehaviors.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -164,14 +164,13 @@ export class CloudfrontBehaviors extends Construct{
origin: props.apiGatewayOrigin,
allowedMethods: AllowedMethods.ALLOW_ALL,
viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
originRequestPolicy: props.apiGatewayRequestPolicy,
cachePolicy: CachePolicy.CACHING_DISABLED,
functionAssociations: [
{
function: apiGatewayStripPathFunction.function,
eventType: FunctionEventType.VIEWER_REQUEST
}
],
]
},
"/500.html": { // matches exactly <url>/500.html and will only serve the 500.html page (via cf function)
origin: props.staticContentBucketOrigin,
Expand Down
3 changes: 2 additions & 1 deletion packages/cdk/stacks/HackStack.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,7 @@ export class HackStack extends Stack {
}
)
const apiGatewayOrigin = new RestApiOrigin(apiGateway.apiGateway, {
originPath: `/${apiGateway.apiGateway.deploymentStage.stageName}`,
customHeaders: {
"destination-api-apigw-id": apiGateway.apiGateway.restApiId
}
Expand All @@ -131,7 +132,7 @@ export class HackStack extends Stack {
originRequestPolicyName: `${props.serviceName}-ApiGatewayRequestPolicy`,
cookieBehavior: OriginRequestCookieBehavior.all(),
headerBehavior: OriginRequestHeaderBehavior.all(),
queryStringBehavior: OriginRequestQueryStringBehavior.all()
queryStringBehavior: OriginRequestQueryStringBehavior.all(),
})
const cloudfrontBehaviors = new CloudfrontBehaviors(this, "CloudfrontBehaviors", {
serviceName: props.serviceName,
Expand Down