Reply To: Setting security headers with CloudFront Request and Response Behaviors

  • Neil-TutorialsDojo

    Member
    February 6, 2025 at 11:01 am

    Hello Viktorrr,

    Good day!

    Thank you for posting here. Both approaches—using Lambda@Edge and CloudFront custom headers—can effectively add security headers for a static website, but they come with trade-offs. CloudFront custom headers are simpler, cost-effective, and easy to set up, making them ideal for general static sites. However, security must be more dynamic and robust for an online salary calculator handling sensitive financial data. Lambda@Edge allows real-time header modifications, adding flexibility to enforce stricter security measures based on request attributes. It also enhances protection against XSS, clickjacking, and other web-based threats, making it a better choice for applications requiring stronger security controls. Additionally, it enables better auditability by allowing custom logging and analysis of HTTP requests. While it introduces slight latency and additional costs, its ability to dynamically manage security headers and adapt to evolving threats makes it the preferred solution.

    I hope this helps.

    Regards,

    Neil @ Tutorials Dojo
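
An added example, not part of the reply above and not Tutorials Dojo's code: a Lambda@Edge function for a CloudFront origin-response trigger that sets baseline security headers on every response and a stricter Content-Security-Policy chosen from the request URI. The header values and the `isHtmlDocument` rule are assumptions for illustration.

```javascript
// Baseline applied to every response (constructed values, tune per site).
const BASELINE = {
  'Strict-Transport-Security': 'max-age=63072000; includeSubDomains',
  'X-Content-Type-Options': 'nosniff',
  'X-Frame-Options': 'DENY',           // clickjacking defence
  'Referrer-Policy': 'same-origin',
};

// Extra policy for HTML documents only (XSS / framing defence).
const HTML_ONLY = {
  'Content-Security-Policy':
    "default-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'",
};

// Hypothetical rule: treat directory-style and .html URIs as documents.
function isHtmlDocument(uri) {
  const path = String(uri || '').toLowerCase();
  return path.endsWith('/') || path.endsWith('.html');
}

// CloudFront keys headers by lowercase name; each value is a list of
// { key, value } objects. Assigning replaces whatever the origin sent.
function setHeader(headers, name, value) {
  headers[name.toLowerCase()] = [{ key: name, value }];
}

function addSecurityHeaders(request, response) {
  response.headers = response.headers || {};
  for (const [name, value] of Object.entries(BASELINE)) {
    setHeader(response.headers, name, value);
  }
  if (isHtmlDocument(request.uri)) {
    for (const [name, value] of Object.entries(HTML_ONLY)) {
      setHeader(response.headers, name, value);
    }
  }
  return response;
}

// Lambda@Edge entry point: the origin-response event carries both the
// request and the response under Records[0].cf.
async function handler(event) {
  const { request, response } = event.Records[0].cf;
  return addSecurityHeaders(request, response);
}

if (typeof module !== 'undefined') module.exports = { handler };
```

Attached to the origin-response event, the result is cached with the object, so the function does not run on every viewer request.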