@@ -165,13 +165,13 @@ export class Network extends Construct {
165165 } ) ;
166166 webFrontendBucket . grantRead ( originIdentity ) ;
167167
168- const corsWithTracingHeadersPolicy = new ResponseHeadersPolicy (
168+ const documentPolicyHeader = new ResponseHeadersPolicy (
169169 this ,
170- "CorsWithTracingHeadersPolicy " ,
170+ "DocumentPolicyHeader " ,
171171 {
172- responseHeadersPolicyName : `Stickerlandia-CORS-Tracing -${ props . env } ` ,
172+ responseHeadersPolicyName : `Stickerlandia-Document-Policy -${ props . env } ` ,
173173 comment :
174- "CORS policy with W3C Trace Context and Datadog headers for RUM-APM correlation " ,
174+ "Add custom header to enable Datadog RUM browser profiling " ,
175175 // Enable browser profiling for Datadog RUM
176176 // See: https://docs.datadoghq.com/real_user_monitoring/correlate_with_other_telemetry/profiling/browser_profiling/
177177 customHeadersBehavior : {
@@ -182,61 +182,7 @@ export class Network extends Construct {
182182 override : true ,
183183 } ,
184184 ] ,
185- } ,
186- corsBehavior : {
187- accessControlAllowCredentials : true ,
188- accessControlAllowHeaders : [
189- "Content-Type" ,
190- "Authorization" ,
191- "Accept" ,
192- // W3C Trace Context headers for distributed tracing
193- "traceparent" ,
194- "tracestate" ,
195- // Datadog-specific headers for RUM-APM correlation
196- "x-datadog-trace-id" ,
197- "x-datadog-parent-id" ,
198- "x-datadog-origin" ,
199- "x-datadog-sampling-priority" ,
200- ] ,
201- accessControlAllowMethods : [
202- "GET" ,
203- "POST" ,
204- "PUT" ,
205- "DELETE" ,
206- "PATCH" ,
207- "OPTIONS" ,
208- ] ,
209- accessControlAllowOrigins : [
210- `*` , // Allow all origins for development
211- ] ,
212- accessControlExposeHeaders : [
213- // Allow browser to read trace headers from responses
214- "traceparent" ,
215- "tracestate" ,
216- "x-datadog-trace-id" ,
217- "x-datadog-parent-id" ,
218- ] ,
219- accessControlMaxAge : Duration . hours ( 1 ) ,
220- originOverride : true ,
221- } ,
222- securityHeadersBehavior : {
223- contentTypeOptions : { override : true } ,
224- frameOptions : {
225- frameOption : HeadersFrameOption . SAMEORIGIN ,
226- override : true ,
227- } ,
228- referrerPolicy : {
229- referrerPolicy :
230- HeadersReferrerPolicy . STRICT_ORIGIN_WHEN_CROSS_ORIGIN ,
231- override : true ,
232- } ,
233- strictTransportSecurity : {
234- accessControlMaxAge : Duration . days ( 365 ) ,
235- includeSubdomains : true ,
236- override : true ,
237- } ,
238- xssProtection : { protection : true , modeBlock : true , override : true } ,
239- } ,
185+ }
240186 } ,
241187 ) ;
242188
@@ -266,7 +212,7 @@ export class Network extends Construct {
266212 origin : S3BucketOrigin . withOriginAccessIdentity ( webFrontendBucket , {
267213 originAccessIdentity : originIdentity ,
268214 } ) ,
269- responseHeadersPolicy : corsWithTracingHeadersPolicy ,
215+ responseHeadersPolicy : documentPolicyHeader ,
270216 } ,
271217 } ) ;
272218
0 commit comments