{"id":20612029,"url":"https://github.com/tcarrio/forward-cloudfront-proto","last_synced_at":"2025-03-06T18:16:27.704Z","repository":{"id":93830404,"uuid":"304993108","full_name":"tcarrio/forward-cloudfront-proto","owner":"tcarrio","description":"[Mirror] Express middleware to forward origin protocol headers through CloudFront","archived":false,"fork":false,"pushed_at":"2020-10-18T00:25:17.000Z","size":68,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-01-17T03:34:25.771Z","etag":null,"topics":["aws","cloudfront","express","forwarding","http"],"latest_commit_sha":null,"homepage":"https://git.sr.ht/~tcarrio/forward-cloudfront-proto","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tcarrio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-10-18T00:24:08.000Z","updated_at":"2020-10-18T00:29:45.000Z","dependencies_parsed_at":"2023-06-15T06:45:35.860Z","dependency_job_id":null,"html_url":"https://github.com/tcarrio/forward-cloudfront-proto","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tcarrio%2Fforward-cloudfront-proto","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tcarrio%2Fforward-cloudfront-proto/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tcarrio%2Fforward-cloudfront-proto/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tcarrio%2Fforward-cloudfront-proto/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tcarrio","download_url":"https://codeload.github.com/tcarrio/forward-cloudfront-proto/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":242259947,"owners_count":20098429,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","cloudfront","express","forwarding","http"],"created_at":"2024-11-16T10:22:58.581Z","updated_at":"2025-03-06T18:16:27.674Z","avatar_url":"https://github.com/tcarrio.png","language":"TypeScript","readme":"# forward-cloudfront-proto\n\nWhen serving an Express server behind CloudFront, you might run into a case where your authentication cookies don't work and you want to blow your brains out because you have validated that everything is up to spec, and you've pored through MDN documentation, and you validated that you are setting cookies to secure for your new SameSite configuration but for the love of god it just won't work!\n\n## That sounds like me so far, what now?\n\nWell if you managed to find this package, you may be going through something that our team already encountered. If you happen to have an architecture diagram that is a superset of the following:\n\n```\n\n+-----+      +----------------+     +-------------+     +----------------+\n| WWW | --\u003e  | Cloudfront CDN | --\u003e | API Gateway | --\u003e | Express Server |\n+-----+      +----------------+     +-------------+     +----------------+\n\n```\n\nyou just might want to use this. Or write it yourself. It's a very simple package. At the very least, I may propogate some SEO hit on Google that will give you a solution to end your suffering.\n\n## So what is this actually good for?\n\nCloudfront doesn't forward the original protocol using the standard `X-Forwarded-Proto` header. In fact, their forwarded protocol header needs to be enabled, and it's also a custom header called `Cloudfront-Fowarded-Proto`. So, make sure you update your Cloudfront configuration to forward this as well. You will need to include it in the whitelist for the request policy.\n\n## Enough talking, what do I do?\n\nThis is designed as a simple Express middleware you can include in your application. If your app is sitting behind Cloudfront and you have some Express server initialized as `app` already, include the following:\n\n```ts\nimport { forwardCloudfrontProto } from \"@0xc/forward-cloudfront-proto\";\n\n// ...\n\napp.use(forwardCloudfrontProto);\n```\n\nAnd you're done! Express will now handle requests as it would have expected, identifying HTTPS requests as secure, allowing use of SameSite in Chrome, and more.\n\n## Many thanks to\n\nKindly, @beeme1mr, who did 99% of the work here to figure out the cause of the issue. I just packaged it for re-use.","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftcarrio%2Fforward-cloudfront-proto","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftcarrio%2Fforward-cloudfront-proto","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftcarrio%2Fforward-cloudfront-proto/lists"}