Algorithm description
Access URL formathttp://DomainName/md5hash/timestamp/FileName
Algorithm description
- Timestamp: hexadecimal (UNIX timestamp).
- Md5hash:MD5 (Custom key + File path + timestamp).
Request Samplehttp://cloud.tencent.com/8fe9b5597c809d7ace147468c7c7eadb/5e577978/test/test.jpg
When calculating MD5, if the request path is
http://cloud.tencent.com/test.jpgThe path when calculating MD5 is/test.jpg.
Configuration Guid
Parameter description
The required configurations for TypeC are as follows:
** Custom authentication key: ** It is composed of 6-32 bits uppercase and lowercase letters and numbers. The key needs to be kept strictly secret and is known only to the client and the server.
** Custom valid time: ** By comparing the timestamp value in the request path and the configured valid time with the current time, we can determine whether the request is Expire. If Expire, we will return 403 directly.
Effective object
After configuring the key, parameter name and Expire time, you can specify the authentication object as needed, and the following three modes are supported:
- Authentication verification is required for all files under the specified domain name.
- It is supported that files of the specified type are not authenticated. Other files need to be authenticated.
- Specified type files are supported for authentication verification.
Notes
Cache hit rate
Domain names with TypeC authentication mode enabled will be carried in Access's URL path. When caching resources on CDN nodes, the authentication path will be automatically ignored for caching, which will not affect the hit rate of domain name cache.
Origin-Pull Policy
The domain name with TypeC authentication mode enabled. The format of Access is:http://DomainName/md5hash/timestamp/FileName
After the authentication is passed, if the CDN node is missed, the node will initiate Origin-pull request. Origin-pull request will remove the md5hash and timestamp paths from the path. Real server does not need to do any special treatment.
