All Documents
Current Document
Content is empty
If you don't find the content you expect, please try another search term
Found 0 result in total
Content is empty
If you don't find the content you expect, please try another search term
Content Delivery Network (CDN)
API Documentation
Domain Detailed Configuration
SetRequestAuthConfig
Last updated:2024-03-12 18:00:03
You can call this operation to configure hotlinking prevention based on the timestamp and shared key for a domain name.
Note:
Hotlinking prevention based on the timestamp and shared key is disabled by default after a domain name is added.
The API request contains the specified directory /2016-09-01/domain/SetRequestAuthConfig, common request headers, and operation-specific request parameters. For more information, see the sample request.
Header | Required | Type | Description |
|---|---|---|---|
X-Version | Yes | String | The version number. Set the value to 2016-09-01. |
X-Action | Yes | String | The operation that you want to perform. Set the value to SetRequestAuthConfig. |
Parameter | Required | Type | Description |
|---|---|---|---|
DomainId | Yes | String | The ID of the domain name. |
Enable | Yes | String | Specifies whether to enable hotlinking prevention based on the timestamp and shared key. Valid values: on and off. Default value: off. If the Enable parameter is set to on, the AuthType, Key1 and ExpirationTime parameters are required. If the Enable parameter is set to off, the following parameters are ignored. |
AuthType | Yes | String | The hotlinking prevention type. Valid values: typeA and typeB. Default value: typeA. This parameter is required if the Enable parameter is set to on. For more information, see the description below. |
Key1 | Yes | String | The primary shared key, which must be 6 to 128 characters in length and can contain uppercase or lowercase letters (A to Z or a to z) and digits (0 to 9). |
Key2 | No | String | The secondary shared key, which must be 6 to 128 characters in length and can contain uppercase or lowercase letters (A to Z or a to z) and digits (0 to 9). |
ExpirationTime | Yes | Long | The expiration time. Unit: seconds. Valid values: 0 to 31536000. |
typeA: Both the encryption string md5hash and the timestamp are included in the URL parameters.
http://DomainName/FileName?t=timestamp&k=md5hash
typeB: Both the encryption string md5hash and the timestamp are included in the URL path, and the md5hash value is placed before the timestamp.
http://DomainName/md5hash/timestamp/FileName
The timestamp is a decimal UNIX timestamp in seconds, for example, 1566299655. The md5hash value is calculated by using the MD5 algorithm based on the key, URI, and timestamp.
Sample configuration for http://selftest.com/main2.css:
Assume that typeA hotlinking prevention is to be configured, the key is aaaaaaaaaaa, the timestamp is 1566299655, and the URI is /main2.css.
In this case, md5hash = md5(aaaaaaaaaaa/main2.css1566299655) = 2f24a0858b44959f095c7c7eb41c114d.
In this example, the URL accessed after authentication is http://selftest.com/main2.css?t=1566299655&k=2f24a0858b44959f095c7c7eb41c114d.
Sample request
GET method:
GET /2016-09-01/domain/SetRequestAuthConfig?DomainId=2D09XC0&Enable=on& AuthType=typeA& Key1=qwerqyt& ExpirationTime=3600
Host: cdn.api.ksyun.com
X-Amz-Date: date
Authorization:authorization string
x-action: SetRequestAuthConfig
x-version: 2016-09-01POST method:
POST /2016-09-01/domain/SetRequestAuthConfig
Host: cdn.api.ksyun.com
X-Amz-Date: date
Authorization:authorization string
x-action: SetRequestAuthConfig
x-version: 2016-09-01
Content-Type: application/json
{
"DomainId":"2D08M8V",
"Enable":"on",
"AuthType":"typeA",
"Key1":"qwerqyt",
"ExpirationTime":"3600"
}Sample response
Note: If this operation is successfully called, the HTTP status code 200 is returned, without a return value. If this operation fails to be called, the HTTP status code 403 or 400 is returned. For more information about the error codes for the HTTP status code 400, see Usage notes.
Pure Mode