From c7494fb5795d1a22cb406028776e879fe95a8b7c Mon Sep 17 00:00:00 2001 From: Chris Park Date: Thu, 22 Aug 2024 11:31:14 +0930 Subject: [PATCH 01/10] DO-1357: Add comment to clarify the use of prerender headers, and patch version update to match release numbers --- packages/feature-env-handlers/lib/viewer-request.ts | 1 + packages/feature-env-handlers/package-lock.json | 4 ++-- packages/feature-env-handlers/package.json | 2 +- packages/lambda-at-edge-handlers/lib/prerender-check.ts | 3 +++ packages/lambda-at-edge-handlers/package-lock.json | 4 ++-- packages/lambda-at-edge-handlers/package.json | 2 +- 6 files changed, 10 insertions(+), 6 deletions(-) diff --git a/packages/feature-env-handlers/lib/viewer-request.ts b/packages/feature-env-handlers/lib/viewer-request.ts index 74dcfdb2..2d50818a 100644 --- a/packages/feature-env-handlers/lib/viewer-request.ts +++ b/packages/feature-env-handlers/lib/viewer-request.ts @@ -6,6 +6,7 @@ export const handler = async ( ): Promise => { const { request } = event.Records[0].cf; + // Consumed by OriginRequest Lambda@Edge for Feature Environment functionality. request.headers["x-forwarded-host"] = [ { value: request.headers.host[0].value, diff --git a/packages/feature-env-handlers/package-lock.json b/packages/feature-env-handlers/package-lock.json index 6d78e486..cdbe1273 100644 --- a/packages/feature-env-handlers/package-lock.json +++ b/packages/feature-env-handlers/package-lock.json @@ -1,12 +1,12 @@ { "name": "@aligent/cdk-lambda-at-edge-handlers", - "version": "0.1.0", + "version": "2.0.1", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "@aligent/cdk-lambda-at-edge-handlers", - "version": "0.1.0", + "version": "2.0.1", "license": "GPL-3.0-only", "dependencies": { "@types/aws-lambda": "^8.10.77", diff --git a/packages/feature-env-handlers/package.json b/packages/feature-env-handlers/package.json index f25f7b26..63f0dd9e 100644 --- a/packages/feature-env-handlers/package.json 
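Review bot: The new comment in `viewer-request.ts` names the consumer of `x-forwarded-host` but not the property that consumer relies on: the assignment replaces whatever value the client sent with the viewer `Host` value. I would extend it to something like `// Overwrites any client-supplied x-forwarded-host with the viewer Host; consumed by OriginRequest Lambda@Edge for Feature Environment functionality.` so that nobody later turns this into a set-if-missing. The handler's body continues outside the hunk, so this assumes nothing further down changes the header again.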
+++ b/packages/feature-env-handlers/package.json @@ -1,6 +1,6 @@ { "name": "@aligent/cdk-feature-env-handlers", - "version": "0.1.0", + "version": "2.0.1", "description": "Cloudfront Lambda@Edge handlers to allow feature environments to function", "main": "index.js", "scripts": { diff --git a/packages/lambda-at-edge-handlers/lib/prerender-check.ts b/packages/lambda-at-edge-handlers/lib/prerender-check.ts index b9a93e14..ef4d991d 100644 --- a/packages/lambda-at-edge-handlers/lib/prerender-check.ts +++ b/packages/lambda-at-edge-handlers/lib/prerender-check.ts @@ -17,8 +17,10 @@ export const handler = async ( if ( !IS_FILE.test(request.uri) && IS_BOT.test(request.headers["user-agent"][0].value) && + // Check if the request is from Prerender service !request.headers["x-prerender"] ) { + // Consumed by OriginRequest Lambda@Edge to determine if this request needs to be send to Prerender service rather than other origins. request.headers["x-request-prerender"] = [ { key: "x-request-prerender", @@ -26,6 +28,7 @@ export const handler = async ( }, ]; + // Consumed by OriginRequest Lambda@Edge, only when x-request-prerender header is set. Prerender service will send request to this host. request.headers["x-prerender-host"] = [ { key: "X-Prerender-Host", value: request.headers.host[0].value }, ]; diff --git a/packages/lambda-at-edge-handlers/package-lock.json b/packages/lambda-at-edge-handlers/package-lock.json index 6d78e486..7430fdfc 100644 --- a/packages/lambda-at-edge-handlers/package-lock.json +++ b/packages/lambda-at-edge-handlers/package-lock.json @@ -1,12 +1,12 @@ { "name": "@aligent/cdk-lambda-at-edge-handlers", - "version": "0.1.0", + "version": "0.1.1", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "@aligent/cdk-lambda-at-edge-handlers", - "version": "0.1.0", + "version": "0.1.1", "license": "GPL-3.0-only", "dependencies": { "@types/aws-lambda": "^8.10.77", 
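Review bot: In `prerender-check.ts` the `x-prerender` test and the two headers set inside the `if` all depend on values a viewer can send: the visible lines assign `x-request-prerender` and `x-prerender-host` only when the bot condition holds, and nothing shown removes client-supplied copies when it does not. Since the new comments say the OriginRequest Lambda routes on `x-request-prerender` and the Prerender service sends its request to `x-prerender-host`, I would clear both before the condition, e.g. `delete request.headers["x-request-prerender"]; delete request.headers["x-prerender-host"];`, unless that already happens in the part of the handler outside these hunks. The comment on `!request.headers["x-prerender"]` could also say that header presence is a hint rather than proof that the request came from Prerender. Separately, `request.headers["user-agent"][0].value` throws when a request carries no User-Agent; `request.headers["user-agent"]?.[0]?.value ?? ""` avoids that.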
diff --git a/packages/lambda-at-edge-handlers/package.json b/packages/lambda-at-edge-handlers/package.json index 087c22d1..3a6d3933 100644 --- a/packages/lambda-at-edge-handlers/package.json +++ b/packages/lambda-at-edge-handlers/package.json @@ -1,6 +1,6 @@ { "name": "@aligent/cdk-lambda-at-edge-handlers", - "version": "0.1.0", + "version": "0.1.1", "description": "A Cloudfront Lambda@Edge handlers powered by Middy", "main": "index.js", "scripts": { From 4b296874669732b1e72d44c14caf1a6d6ac988f2 Mon Sep 17 00:00:00 2001 From: Chris Park Date: Thu, 22 Aug 2024 11:33:57 +0930 Subject: [PATCH 02/10] DO-1357: address Invalid define value error by providing quotations --- packages/static-hosting/lib/path-remap.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/static-hosting/lib/path-remap.ts b/packages/static-hosting/lib/path-remap.ts index 97775739..e6b0456b 100644 --- a/packages/static-hosting/lib/path-remap.ts +++ b/packages/static-hosting/lib/path-remap.ts @@ -33,7 +33,7 @@ export class PathRemapFunction extends Construct { local: new Esbuild({ entryPoints: [join(__dirname, "handlers/remap.ts")], define: { - "process.env.REMAP_PATH": options.path, + "process.env.REMAP_PATH": "\""+options.path+"\"", }, }), }, From b76c93879d4d49ef526c9af90302e0d3df1c501d Mon Sep 17 00:00:00 2001 From: Chris Park Date: Thu, 22 Aug 2024 11:36:19 +0930 Subject: [PATCH 03/10] DO-1357: OriginRequest and Cache Header update - clarify which headers are needed for each - make the header list customisable --- packages/static-hosting/lib/static-hosting.ts | 40 +++++++++++++++---- 1 file changed, 33 insertions(+), 7 deletions(-) diff --git a/packages/static-hosting/lib/static-hosting.ts b/packages/static-hosting/lib/static-hosting.ts index 46786ec4..aa5417ca 100644 --- a/packages/static-hosting/lib/static-hosting.ts +++ b/packages/static-hosting/lib/static-hosting.ts 
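Review bot: Wrapping `options.path` in hand-written quotes in `path-remap.ts` only yields a valid `define` expression while the path contains no `"` or `\`; a path with either produces a broken or different JavaScript expression in the bundled handler. `JSON.stringify` does the quoting and escaping in one step: `"process.env.REMAP_PATH": JSON.stringify(options.path),`. The same line is carried through the later prettier and template-literal rewrites of this file in patches 07 and 09, so the change applies there too.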
@@ -246,6 +246,16 @@ export interface StaticHostingProps { */ defaultBehaviorCachePolicy?: CachePolicy; + /** + * Additional headers to include in OriginRequestHeaderBehavior + */ + additionalDefaultOriginRequestHeaders?: string[]; + + /** + * Additional headers to include in CacheHeaderBehavior + */ + additionalDefaultCacheKeyHeaders?: string[]; + /** * After switching constructs, you need to maintain the same logical ID * for the underlying CfnDistribution if you wish to avoid the deletion 
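Review bot: The doc comments on `additionalDefaultOriginRequestHeaders` and `additionalDefaultCacheKeyHeaders` leave out when the props take effect. In the constructor hunk of this patch the lists are only used on the `new OriginRequestPolicy(...)` / `new CachePolicy(...)` side of `props.defaultBehaviorRequestPolicy ||` and `props.defaultBehaviorCachePolicy ||`, so they are silently ignored when a custom policy is passed. I would say so in each comment, and also note that these are viewer-supplied headers: anything added is forwarded to the origin or becomes part of the cache key with whatever value the client sent.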
@@ -425,23 +435,39 @@ export class StaticHosting extends Construct { }); let backendOrigin = undefined; + const originRequestHeaderBehaviorAllowList = [ + "x-forwarded-host", // Consumed by OriginRequest Lambda@Edge for Feature Environment functionality. + "x-request-prerender", // Consumed by OriginRequest Lambda@Edge to determine if this request needs to be send to Prerender service rather than other origins. + "x-prerender-host", // Consumed by OriginRequest Lambda@Edge, only when x-request-prerender header is set. Prerender service will send request to this host. + "x-prerender", // Consumed, if configured, by origin's custom features, such as GeoRedirection, the behave of which should depend on whether the request is from an end user. + "x-prerender-user-agent", // Consumed by Prerender service for logging original user agent rather than CloudFront's + ]; + if (props.additionalDefaultOriginRequestHeaders) { + props.additionalDefaultOriginRequestHeaders.forEach(header => { + originRequestHeaderBehaviorAllowList.push(header); + }); + } const originRequestPolicy = props.defaultBehaviorRequestPolicy || new OriginRequestPolicy(this, "S3OriginRequestPolicy", { headerBehavior: OriginRequestHeaderBehavior.allowList( - "x-forwarded-host", - "x-request-prerender", - "x-prerender" + ...originRequestHeaderBehaviorAllowList ), }); - + const cacheHeaderBehaviorAllowList = [ + "x-forwarded-host", // Origin response may vary depending on the domain/path based on Feature Environment + "x-prerender", // Origin response may vary depending on whether the request is from end user or prerender service. 
+ ]; + if (props.additionalDefaultCacheKeyHeaders) { + props.additionalDefaultCacheKeyHeaders.forEach(header => { + cacheHeaderBehaviorAllowList.push(header); + }); + } const originCachePolicy = props.defaultBehaviorCachePolicy || new CachePolicy(this, "S3OriginCachePolicy", { headerBehavior: CacheHeaderBehavior.allowList( - "x-forwarded-host", - "x-request-prerender", - "x-prerender" + ...cacheHeaderBehaviorAllowList ), enableAcceptEncodingBrotli: true, enableAcceptEncodingGzip: true, From 55329db08f76361ff2071d0a8e081f24acf8d2be Mon Sep 17 00:00:00 2001 From: Chris Park Date: Thu, 22 Aug 2024 11:36:37 +0930 Subject: [PATCH 04/10] DO-1357: enhance visibility --- packages/static-hosting/lib/static-hosting.ts | 34 +++++++++---------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/packages/static-hosting/lib/static-hosting.ts b/packages/static-hosting/lib/static-hosting.ts index aa5417ca..b104a6fc 100644 --- a/packages/static-hosting/lib/static-hosting.ts +++ b/packages/static-hosting/lib/static-hosting.ts 
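Review bot: `cacheHeaderBehaviorAllowList` no longer contains `x-request-prerender`, while the origin request list still forwards it, so a bot request marked for Prerender and an ordinary request for the same URI now appear to share one cache entry. If the OriginRequest Lambda routes on that header as the comments describe, whichever response is fetched first could be served to the other audience until it expires. Unless something outside this hunk separates them, I would keep the header in the cache key: `"x-request-prerender", // Response differs when the request is routed to Prerender`. The enclosing constructor starts and ends outside the hunk.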
@@ -2,27 +2,27 @@ import { Construct } from "constructs"; import { CfnOutput, Duration, RemovalPolicy } from "aws-cdk-lib"; import { Certificate } from "aws-cdk-lib/aws-certificatemanager"; import { + BehaviorOptions, + CacheHeaderBehavior, + CachePolicy, + CfnDistribution, Distribution, DistributionProps, + EdgeLambda, + ErrorResponse, HttpVersion, + IDistribution, + IResponseHeadersPolicy, + IOriginAccessIdentity, + LambdaEdgeEventType, + OriginAccessIdentity, + OriginRequestHeaderBehavior, + OriginRequestPolicy, PriceClass, ResponseHeadersPolicy, SecurityPolicyProtocol, SSLMethod, ViewerProtocolPolicy, - BehaviorOptions, - ErrorResponse, - EdgeLambda, - CfnDistribution, - OriginRequestPolicy, - CachePolicy, - OriginRequestHeaderBehavior, - CacheHeaderBehavior, - IResponseHeadersPolicy, - LambdaEdgeEventType, - OriginAccessIdentity, - IDistribution, - IOriginAccessIdentity, } from "aws-cdk-lib/aws-cloudfront"; import { HttpOrigin, S3Origin } from "aws-cdk-lib/aws-cloudfront-origins"; import { @@ -505,7 +505,7 @@ export class StaticHosting extends Construct { origin: s3Origin, viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS, edgeLambdas: defaultBehaviorEdgeLambdas, - originRequestPolicy: originRequestPolicy, + originRequestPolicy, cachePolicy: originCachePolicy, responseHeadersPolicy: responseHeadersPolicy, }; @@ -566,7 +566,7 @@ export class StaticHosting extends Construct { } const distributionProps: DistributionProps = { - domainNames: domainNames, + domainNames, webAclId: props.webAclArn, comment: props.comment, defaultRootObject: defaultRootObject, @@ -583,8 +583,8 @@ export class StaticHosting extends Construct { "DomainCertificate", props.certificateArn ), - defaultBehavior: defaultBehavior, - additionalBehaviors: additionalBehaviors, + defaultBehavior, + additionalBehaviors, errorResponses: props.enableErrorConfig ? errorResponses : [], }; From 9e12264e3e3829cfc4df422ee2ff74a647ccf90f Mon Sep 17 00:00:00 2001 
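Review bot: The switch to shorthand properties is only partly applied: in the `@@ -505` hunk `responseHeadersPolicy: responseHeadersPolicy` stays next to the new `originRequestPolicy,`, and in the `@@ -566` hunk `defaultRootObject: defaultRootObject` stays next to `domainNames,`. Converting those two as well (`responseHeadersPolicy,` and `defaultRootObject,`) would keep each object literal in one style. In the import hunk `IResponseHeadersPolicy` is listed before `IOriginAccessIdentity`, which breaks the alphabetical order the reorder otherwise follows.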
From: Chris Park Date: Thu, 22 Aug 2024 11:37:19 +0930 Subject: [PATCH 05/10] DO-1357: update package versions as per actual releases and updates --- package-lock.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index fb0baa40..e0904b35 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9780,7 +9780,7 @@ }, "packages/feature-env-handlers": { "name": "@aligent/cdk-feature-env-handlers", - "version": "0.1.0", + "version": "2.0.1", "license": "GPL-3.0-only", "dependencies": { "source-map-support": "^0.5.21" @@ -9836,7 +9836,7 @@ }, "packages/lambda-at-edge-handlers": { "name": "@aligent/cdk-lambda-at-edge-handlers", - "version": "0.1.0", + "version": "0.1.1", "license": "GPL-3.0-only", "dependencies": { "axios": "^1.5.1", @@ -9848,7 +9848,7 @@ }, "packages/prerender-fargate": { "name": "@aligent/cdk-prerender-fargate", - "version": "2.3.8", + "version": "2.5.1", "license": "GPL-3.0-only", "dependencies": { "@aws-cdk/aws-apigatewayv2-alpha": "2.30.0-alpha.0", @@ -9924,7 +9924,7 @@ }, "packages/static-hosting": { "name": "@aligent/cdk-static-hosting", - "version": "2.3.4", + "version": "2.4.0", "license": "GPL-3.0-only", "dependencies": { "@aligent/cdk-esbuild": "^2.0", @@ -9946,7 +9946,7 @@ }, "packages/waf": { "name": "@aligent/cdk-waf", - "version": "2.0.0", + "version": "2.1.0", "license": "GPL-3.0-only", "dependencies": { "aws-cdk-lib": "2.113.0", From 6fe6db442a7dcd3149c959827cc398040820ebf3 Mon Sep 17 00:00:00 2001 From: Chris Park Date: Thu, 22 Aug 2024 11:38:03 +0930 Subject: [PATCH 06/10] DO-1357: bump up minor version for additional feature of header list customisation --- packages/static-hosting/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/static-hosting/package.json b/packages/static-hosting/package.json index 4bbfcd06..d4f4913a 100644 --- a/packages/static-hosting/package.json +++ b/packages/static-hosting/package.json 
@@ -1,6 +1,6 @@ { "name": "@aligent/cdk-static-hosting", - "version": "2.3.4", + "version": "2.4.0", "main": "index.js", "license": "GPL-3.0-only", "homepage": "https://github.com/aligent/aws-cdk-static-hosting-stack#readme", From c6d9aad98f51832b007b12807351875e5bb577ed Mon Sep 17 00:00:00 2001 From: Chris Park Date: Thu, 22 Aug 2024 12:23:35 +0930 Subject: [PATCH 07/10] DO-1357: apply prettier --- packages/static-hosting/lib/path-remap.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/static-hosting/lib/path-remap.ts b/packages/static-hosting/lib/path-remap.ts index e6b0456b..08499926 100644 --- a/packages/static-hosting/lib/path-remap.ts +++ b/packages/static-hosting/lib/path-remap.ts @@ -33,14 +33,14 @@ export class PathRemapFunction extends Construct { local: new Esbuild({ entryPoints: [join(__dirname, "handlers/remap.ts")], define: { - "process.env.REMAP_PATH": "\""+options.path+"\"", + "process.env.REMAP_PATH": '"' + options.path + '"', }, }), }, }), runtime: Runtime.NODEJS_18_X, handler: "remap.handler", - } + }, ); } @@ -48,7 +48,7 @@ export class PathRemapFunction extends Construct { return Version.fromVersionArn( this, "remap-fn-version", - this.edgeFunction.currentVersion.edgeArn + this.edgeFunction.currentVersion.edgeArn, ); } } From 7f97cb6b7f0f627a185ef3c85ba22e2f1e06c0b6 Mon Sep 17 00:00:00 2001 From: Chris Park Date: Thu, 22 Aug 2024 12:26:46 +0930 Subject: [PATCH 08/10] DO-1357: apply prettier --- packages/static-hosting/lib/path-remap.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/static-hosting/lib/path-remap.ts b/packages/static-hosting/lib/path-remap.ts index 08499926..1f2095cd 100644 --- a/packages/static-hosting/lib/path-remap.ts +++ b/packages/static-hosting/lib/path-remap.ts @@ -40,7 +40,7 @@ export class PathRemapFunction extends Construct { }), runtime: Runtime.NODEJS_18_X, handler: "remap.handler", - }, + } ); } 
@@ -48,7 +48,7 @@ export class PathRemapFunction extends Construct { return Version.fromVersionArn( this, "remap-fn-version", - this.edgeFunction.currentVersion.edgeArn, + this.edgeFunction.currentVersion.edgeArn ); } } From cf37d6293f2288aecea0ba0840015e37cadde134 Mon Sep 17 00:00:00 2001 From: Chris Park Date: Thu, 5 Sep 2024 14:57:14 +0930 Subject: [PATCH 09/10] enhance code readability --- packages/static-hosting/lib/path-remap.ts | 2 +- packages/static-hosting/lib/static-hosting.ts | 9 ++++----- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/packages/static-hosting/lib/path-remap.ts b/packages/static-hosting/lib/path-remap.ts index 1f2095cd..98686aa5 100644 --- a/packages/static-hosting/lib/path-remap.ts +++ b/packages/static-hosting/lib/path-remap.ts @@ -33,7 +33,7 @@ export class PathRemapFunction extends Construct { local: new Esbuild({ entryPoints: [join(__dirname, "handlers/remap.ts")], define: { - "process.env.REMAP_PATH": '"' + options.path + '"', + "process.env.REMAP_PATH": `"${options.path}"`, }, }), }, diff --git a/packages/static-hosting/lib/static-hosting.ts b/packages/static-hosting/lib/static-hosting.ts index b104a6fc..aae9d6a1 100644 --- a/packages/static-hosting/lib/static-hosting.ts +++ b/packages/static-hosting/lib/static-hosting.ts 
@@ -435,18 +435,16 @@ export class StaticHosting extends Construct { }); let backendOrigin = undefined; + const additionalDefaultOriginRequestHeaders = + props.additionalDefaultOriginRequestHeaders || []; const originRequestHeaderBehaviorAllowList = [ "x-forwarded-host", // Consumed by OriginRequest Lambda@Edge for Feature Environment functionality. "x-request-prerender", // Consumed by OriginRequest Lambda@Edge to determine if this request needs to be send to Prerender service rather than other origins. "x-prerender-host", // Consumed by OriginRequest Lambda@Edge, only when x-request-prerender header is set. Prerender service will send request to this host. "x-prerender", // Consumed, if configured, by origin's custom features, such as GeoRedirection, the behave of which should depend on whether the request is from an end user. "x-prerender-user-agent", // Consumed by Prerender service for logging original user agent rather than CloudFront's + ...additionalDefaultOriginRequestHeaders, ]; - if (props.additionalDefaultOriginRequestHeaders) { - props.additionalDefaultOriginRequestHeaders.forEach(header => { - originRequestHeaderBehaviorAllowList.push(header); - }); - } const originRequestPolicy = props.defaultBehaviorRequestPolicy || new OriginRequestPolicy(this, "S3OriginRequestPolicy", { @@ -454,6 +452,7 @@ export class StaticHosting extends Construct { ...originRequestHeaderBehaviorAllowList ), }); + const cacheHeaderBehaviorAllowList = [ "x-forwarded-host", // Origin response may vary depending on the domain/path based on Feature Environment "x-prerender", // Origin response may vary depending on whether the request is from end user or prerender service. From 3e1954c1ac1bf2bb91456a960ca8717b2949a5d3 Mon Sep 17 00:00:00 2001 From: Chris Park Date: Thu, 5 Sep 2024 15:01:22 +0930 Subject: [PATCH 10/10] enhance code readability --- packages/static-hosting/lib/static-hosting.ts | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) 
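Review bot: Spreading `additionalDefaultOriginRequestHeaders` straight into `originRequestHeaderBehaviorAllowList` accepts entries that repeat a built-in header or differ from it only in case, so the list handed to `OriginRequestHeaderBehavior.allowList` can contain duplicates; I have not confirmed how CloudFront treats that, so it is worth checking at synth or deploy time. Lower-casing and de-duplicating first would rule it out, e.g. `const originRequestHeaders = [...new Set(originRequestHeaderBehaviorAllowList.map(h => h.toLowerCase()))];`. The cache-key list in patch 10 is built the same way and would need the same treatment.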
diff --git a/packages/static-hosting/lib/static-hosting.ts b/packages/static-hosting/lib/static-hosting.ts index aae9d6a1..3f312546 100644 --- a/packages/static-hosting/lib/static-hosting.ts +++ b/packages/static-hosting/lib/static-hosting.ts @@ -453,15 +453,13 @@ export class StaticHosting extends Construct { ), }); + const additionalDefaultCacheKeyHeaders = + props.additionalDefaultCacheKeyHeaders || []; const cacheHeaderBehaviorAllowList = [ "x-forwarded-host", // Origin response may vary depending on the domain/path based on Feature Environment "x-prerender", // Origin response may vary depending on whether the request is from end user or prerender service. + ...additionalDefaultCacheKeyHeaders, ]; - if (props.additionalDefaultCacheKeyHeaders) { - props.additionalDefaultCacheKeyHeaders.forEach(header => { - cacheHeaderBehaviorAllowList.push(header); - }); - } const originCachePolicy = props.defaultBehaviorCachePolicy || new CachePolicy(this, "S3OriginCachePolicy", {