Q22 — AWS DVA-C02 Ch.2
Question 22 of 100 | ← Chapter 2
A company hosts a client-side web application in an Amazon S3 bucket. The web application is accessible via Amazon CloudFront at https://www.example.com. After a successful launch, the company wants to host additional client-side web applications for other customers in separate S3 buckets. To achieve this, developers moved shared JavaScript files and web fonts to a central S3 bucket to serve all web applications. However, during testing, developers noticed browsers blocking the JavaScript files and web fonts. What should the developers do to prevent browsers from blocking these resources?
- A. Create four access points to allow access to the central S3 bucket. Assign one access point to each web application bucket.
- B. Create a bucket policy that allows access to the central S3 bucket and attach it to the central S3 bucket.
- C. Create a Cross-Origin Resource Sharing (CORS) configuration that allows access to the central S3 bucket and add the CORS configuration to the central S3 bucket. ✓
- D. Create a Content-MD5 header to provide message integrity checks for the central S3 bucket. Insert the Content-MD5 header for each web application request.
Correct Answer: C. Create a Cross-Origin Resource Sharing (CORS) configuration that allows access to the central S3 bucket and add the CORS configuration to the central S3 bucket.
Explanation
Option C’s Cross-Origin Resource Sharing (CORS) configuration enables secure cross-domain communication. Since JavaScript files and web fonts reside in the central S3 bucket, configuring CORS rules on that bucket permits web applications hosted on different domains to load those resources—preventing browser-origin blocking. Option A’s access points optimize performance for S3 access but do not resolve cross-origin restrictions. Option B’s bucket policy governs authorization—not cross-origin enforcement. Option D’s Content-MD5 header ensures data integrity but does not address browser-enforced same-origin policy violations.