Serverless Stack

Hi, just wondering if anyone could lend some eyes to my stack overflow question: <https://stackoverflow.com/questions/70665151/how-can-i-only-allow-a-specific-origin-to-access-content-from-cloudfront-s3-orig> I asked a few weeks back and someone recommended CORS but that doesn't seem to be the solution to my problem :smile:

You can't prevent the entire frontend from loading but you can allow it only to be iframed in some locations

<https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options|https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options>

Frontends are typically not sensitive, curious why you're looking to lock it down?