origin control policy is wrong #560
Description
examples/aws-node-single-page-app-via-cloudfront/serverless.yml:52 - ie. line 52, there is:
OriginProtocolPolicy: https-only
This is exactly wrong - it should be http-only.
Apart from many other reasons why people would use cloudfront instead of plain-jane s3, one very important one is that you can serve https from it. Not so for S3. S3 is the origin. OriginProtocolPolicy indicates the protocol that cloudfront uses to fetch the assets from s3. and https is not supported by s3.