API Gateway Redirect http to https

0
votes

We are using AWS API Gateway with a custom domain. When we try https: it works fine. But we try http:

We CloudFront distribution, with configurations: Origin Domain Name: Minimum Origin SSL Protocol: TLSv1.2 Origin Protocol Policy: HTTPS Viewer Protocol Policy: Redirect HTTP to HTTPS Allowed HTTP Methods: GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE

With this, it redirects all the GET requests from HTTP to HTTPS.

But if we send a POST request to https://, cloudfront doesn't redirect and it just throws an error.

We need a way to redirect http: requests to https: for the API gateway

1
amazon-web-servicesaws-api-gatewayamazon-cloudfront

1 Answers

2
votes

This behaviour of cloudfront is explained in this post redirect-http-requests-to-https-on-aws-api-gateway-using-custom-domains

quoting from the post

There is not a particularly good way to do this for APIs in general, because redirection of a POST request from HTTP to HTTPS is actually a little bit pointless -- the data have already been sent insecurely by the time the redirect is generated, unless the client has asked the server to inspect the request headers before the body is sent, with Expect: 100-continue.

You can create a CloudFront distribution, and configure it to redirect GET and HEAD requests from HTTP to HTTPS... but if you send a POST request to such distribution, CloudFront doesn't redirect -- it just throws an error, since (as noted) such redirection would be more harmful than helpful.