amazon s3 - HTTP 400 on S3 static file

Question

We've spotted (in our error tracking tool) some http 400 issues while fetching some static files.

Also, there are logs in our API gateway regarding that it redirected the request to S3 which responded 400.

It's not our CDN neither our API gateway.

Why would S3 respond 400 to a static file?

We couldn't find anything exactly about it anywhere so far, but some general resources about 400 were pointing to issues with some HTTP header:

• Malformed request syntax
• If-Modified-Since
• Amazon ALB 400 Request header or cookie too large
• Kong 400 Request header or cookie too large

question from:https://stackoverflow.com/questions/65922171/http-400-on-s3-static-file

Answer 1

Since we couldn't manually reproduce that accessing our system, we started trying to fetch the static files with some unexpected headers using Postman.

We finally could quickly reproduce the issue by sending huge Cookies.

Our hypothesis is that, probably, Amazon S3's static website has some configuration that blocks requests with some specific long headers/cookies.

Once we couldn't find a way to configure that on S3, we've added a plugin to our API Gateway that when it was a static file request, it would remove the cookie before redirecting it to S3 (it wasn't required).

After that change, we've monitored our error tracking tool, and the occurrences of http 400 on static website dropped to 0.