top | item 12988384

(no title)

asteadman | 9 years ago

I did exactly this to in order to use cloudfront signed cookies with lambda/apigateway. API gateway only allows you to have one set-cookie header per response, but 3 are required for cloudfront signed cookies. (See thread: https://forums.aws.amazon.com/thread.jspa?threadID=205782)

UPDATE: Looks like there is a work-around that uses the fact that the set-cookie header is treated as case-insensitive by the browser but not apigateway. Genius.

discuss

No comments yet.