chore: test deployment

Author: marcellmueller

infrastructure/api/api-gateway.tf

@@ -23,7 +23,11 @@ resource "aws_apigatewayv2_api" "app" {
     for_each = var.enable_cors ? [1] : []
 
     content {
-      allow_origins     = ["https://${data.terraform_remote_state.frontend.outputs.cloudfront.domain_name}", "https://sitesandtrailsbc.ca", "beta.sitesandtrailsbc.ca"]
+      allow_origins     = [
+        "https://${data.terraform_remote_state.frontend.outputs.cloudfront.domain_name}",
+        "https://sitesandtrailsbc.ca",
+        "https://beta.sitesandtrailsbc.ca"
+      ]
       allow_methods     = var.cors_allowed_methods
       allow_headers     = var.cors_allowed_headers
       allow_credentials = var.cors_allow_credentials

infrastructure/api/vars.tf

@@ -195,7 +195,7 @@ variable "cors_allowed_methods" {
 variable "cors_allowed_headers" {
   description = "Allowed headers for CORS configuration"
   type        = list(string)
-  default = ["Authorization", "Content-Type", "Accept"]
+  default = ["Authorization", "Content-Type", "Accept", "Origin"]
 }
 
 variable "cors_allow_credentials" {

infrastructure/api/waf.tf

@@ -69,13 +69,7 @@ resource "aws_cloudfront_distribution" "api" {
     min_ttl     = 0
     max_ttl     = 900
 
-    forwarded_values {
-      query_string = true
-
-      cookies {
-        forward = "all"
-      }
-    }
+    origin_request_policy_id = "216adef6-5c7f-47e4-b989-5492eafa07d3" # Managed-AllViewerExceptHostHeader
   }
 
   restrictions {