Missing Cloudfront cache behavior config for CORS

[giubil]

As per the Cloudfront documentation you need to add the Origin header to the whitelisted Headers on the default cache behavior. Otherwise, the requests will be missing the CORS headers when served from cache.

Example requests :
Hit from cache :

* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
< HTTP/2 200
< content-type: binary/octet-stream
< content-length: 16
< date: Wed, 08 Apr 2020 16:09:54 GMT
< last-modified: Tue, 31 Mar 2020 00:17:31 GMT
< etag: "59493f9fbd62894c3a89cccfee7457c7"
< x-amz-server-side-encryption: AES256
< accept-ranges: bytes
< server: AmazonS3
< x-cache: Hit from cloudfront

Miss from cache:

* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
< HTTP/2 200
< content-type: binary/octet-stream
< content-length: 16
< date: Wed, 08 Apr 2020 16:10:58 GMT
< access-control-allow-origin: *
< access-control-allow-methods: GET
< access-control-max-age: 3000
< last-modified: Tue, 31 Mar 2020 00:17:31 GMT
< etag: "59493f9fbd62894c3a89cccfee7457c7"
< x-amz-server-side-encryption: AES256
< accept-ranges: bytes
< server: AmazonS3
< x-cache: Miss from cloudfront

Hit from cache after whitelisting Origin :

* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
< HTTP/2 200
< content-type: binary/octet-stream
< content-length: 16
< date: Wed, 08 Apr 2020 16:12:32 GMT
< access-control-allow-origin: *
< access-control-allow-methods: GET
< access-control-max-age: 3000
< last-modified: Tue, 31 Mar 2020 00:17:31 GMT
< etag: "59493f9fbd62894c3a89cccfee7457c7"
< x-amz-server-side-encryption: AES256
< accept-ranges: bytes
< server: AmazonS3
< x-cache: Hit from cloudfront

[JimTharioAmazon]

Thank you. I have an example from another template we can reuse here for CloudFormation header pass-thru.