Add Cache-Control headers to redirect responses

awslabs / cognito-at-edge

Serverless authentication solution to protect your website or Amplify application

Apache License 2.0

168 stars 54 forks source link

Closed ineale2 closed 2 years ago

ineale2 commented 2 years ago

When the Authenticator redirects to Cognito or with the set-cookies header, some browsers (IE11 in specific) cache the 302 response as no cache-control headers are set.
When subsequent requests come (with valid cookies), IE11 will retrieve the cached 302 response and get stuck in a redirect loop

jeandek commented 2 years ago

Merged and will be included in next release.