Apple's apple-app-site-association file on S3 with CloudFront Distribution - ios

I am trying to serve apple-app-site-association from the S3 via CloudFront distribution via my custom domain.
But when I am given a path like below, It's started downloading rather than showing in the browser.
https:/mycustomdonain.com/.well-known/apple-app-site-association
Do I need to make any setting at S3 or CloudFront level to make it work?
Note: The application is developed in Angular.
Thanks

As Christos says, you need to set the content-type response header in S3, which then also applies to Cloudfront HTTPS URLs.
Here is an example of mine, that I use for deep linking and OpenID Connect with an HTTPS redirect URI:
https://mobile.authsamples.com/.well-known/apple-app-site-association
Further details on how this looks in my blog post, where you set the content type by editing tte file properties:

Related

S3 like signed url for nginx file serving

So , I have setup my project and I am planning to self serve my files from my server. Currently I have two folders from where I want users to access files , 1. Media folder and another is static folder . I wanna set up signed urls just like S3 provides so that one cannot bruteforce and get all my files from the server's either folders. Also I want to make it so that I can handle uploading of files directly from nginx rather than through my application.
For the signed URLS - need to generate them with your application. Then you have two options:
Serve the files with your application after validating the URL is valid
Serve the files with nginx but do the validation/authorization with your app. This is what you need:
http://nginx.org/en/docs/http/ngx_http_auth_request_module.html#auth_request
For the upload part the situation is similar, you can either:
Handle uploads with your app
Use nginx-upload-module and handle the authorization only with your app
I would definitely recommend handling all uploads within your app, it is just simpler.

Using the apple-app-site-association file with an azure static-web-app

I am using an Azure static web app to host a website. I want to host the apple file on the backend for deep linking. I am running into the problem however that the apple documentation requires there is no extension on the file when it is uploaded. I have tried to override the content-type / mime methods to "application/json" via route rules, general headers, and extension rules. Nothing seems to change this file from being retrieved with the content type "application/octet-stream". Any guidance on how to get these two implementations to work together would be amazing. Thank you in advance.
Edit the file metadata to set the content type.
Are you using CloudFront? If so, be sure to invalidate the cache for this file.

large file upload via Zuul

I'm trying to upload a large file through Zuul.
Basically I have the applications set up like this:
UI: this is where the Zuul Gateway is located
Backend: this is where the file must finally arrive.
I used the functionality described here so everything works fine if I used "Transfer-Encoding: chunked". However, this can only be set via curl. I haven't found any way to set this header in the browser (the header is rejected with the error message in the console "Refused to set unsafe header ..".
Any idea how to instruct the header to set this header ?
It seems that actually there are 2 possible ways to upload large files via zuul:
By using "Transfer-Encoding: chunked" in header (but this cannot be used in a browser, as mentioned in the initial question, because this header is considered unsafe)
By bypassing the DispatcherServlet servlet used by zuul (using the /zuul path in front of the usual path that I was using).
I found the documentation not very clear in this aspect (that you can use either of the 2 options). In my case, considering that the file was being uploaded via Angular Js (hence in the browser), I had to use the second approach.

CORS for Google Cloud Storage Bucket (e.g. Firebase Storage) not fetching text in Safari when in iOS

I set up CORS for my Google Cloud Storage Bucket according to this:
https://cloud.google.com/storage/docs/cross-origin#Configuring-CORS-on-a-Bucket
and by following this article:
https://bitmovin.com/faq/how-do-i-set-up-cors-for-my-google-cloud-storage-bucket/
My web page fetches the content of .txt and .jpg files contained in my Google Cloud Storage Bucket via a jscript routine.
While the set up described above works for the web and on Safari in iOS for the .jpg files, it does not work on Safari in iOS for the .txt files.
I tend to believe there is something wrong in the CORS headers. However, I'm still not able to figure this out.
Does anybody have any idea on this?
The answer was just out there in the right methods to use to SET the headers:
https://docs.cancergenomicscloud.org/docs/enabling-cross-origin-resource-sharing-cors
https://blogs.sap.com/2013/02/11/cors-or-how-to-make-that-damn-iphone-simulator-work/
http://excellencenodejsblog.com/handing-cors-for-your-mobile-app/

append query string while requesting for fonts in rails

Note: This problem is related to firefox being unable to download fonts from cross domain servers
source: mozilla
In Gecko, web fonts are subject to the same domain restriction (font files must be on the same domain as the page using them), unless HTTP access controls are used to relax this restriction. Note: Because there are no defined MIME types for TrueType, OpenType, and WOFF fonts, the MIME type of the file specified is not considered.
I have a rails application where assets are fetched from amazon cloudfront. CloudFront, in turn, fetches the assets from s3 bucket. I defined the asset_host in production.rb so that assets are fetched from the cloudfront url.
config.action_controller.asset_host = "//d582x5cj7qfaa.cloudfront.net"
Because I am serving assets from different domain i.e cloudfront. I am unable to download fonts in case of firefox. I came across this and applied the same logic as given in the answer, but I was still unable to download the fonts. The reason behind this is, since I have multiple domains (eg: abc.almaconnect.com, xyz.almaconnect.com) that use the same cloudfront url to access fonts, the cloudfront server caches the server headers that were sent in the first request and return the same header even when the domain requesting is different the next time.
Then I came across this link, which solves my problem of cache headers i.e if I pass query string along with the url it should work correctly
My question is, how do I append the query_string dynamically through the url? Since the same application is used by multiple domains, I need to real-time method to append query string. How do I do that?
For reference:
Here is the CORS configuration that I used in amazon s3 bucket, which was used by cloudfront url to serve the assets:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*.almaconnect.com</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>Content-*</AllowedHeader>
<AllowedHeader>Host</AllowedHeader>
</CORSRule>
</CORSConfiguration>
This is how I came to know what happens with and without appending query_string to the url:
curl -i -H "Origin: https://niet.almaconnect.com" https://d582x5cj7qfaa.cloudfront.net/assets/AlmaConnect-Icons-d059ef02df0837a693877324e7fe1e84.ttf?https_niet.almaconnect.com
When will used the same curl request with different origins, without appending the query_string, the returned response contains the origin header that was used in the first request.

Resources