TypeD

Last updated: 2020-03-19 17:57:02

PDF

Algorithm description

Access URL format
http://DomainName/FileName?sign=md5hash&t=timestamp

Algorithm description

  • Timestamp: decimal / hexadecimal (UNIX timestamp) is optional.
  • Md5hash:MD5 (Custom key + File path + timestamp).

Request Sample
http://cloud.tenloud.tencent.com/test.jpg?sign=0f8201d814dfaf64cf54e74c5f7dbcb0&t=1582791032

When calculating MD5, if the request path is http://cloud.tencent.com/test.jpg The path when calculating MD5 is /test.jpg .

Configuration Guid

Parameter description

The required configurations for TypeD are as follows:
** Custom authentication key: ** It is composed of 6-32 bits uppercase and lowercase letters and numbers. The key needs to be kept strictly secret and is known only to the client and the server.
** Custom authentication parameter name and timestamp parameter name: ** Replace the sign in the example with a parameter name consisting of any 1-100-digit uppercase and lowercase letters, numbers or underscores. After receiving the request, CDN takes out the corresponding value according to the specified signature parameters and performs MD5 calculation. If the passed md5hash value is matched, the signature verification is passed. If the verification fails, 403 is returned directly.
** Custom valid time: ** The timestamp value is taken out through the parameter configuration of timestamp, and the valid time of the configuration is compared with the current time to determine whether the request is Expire. If Expire, it will be returned directly.

Effective object

After configuring the key, parameter name and Expire time, you can specify the authentication object as needed, and the following three modes are supported:

  • Authentication verification is required for all files under the specified domain name.
  • It is supported that files of the specified type are not authenticated. Other files need to be authenticated.
  • Specified type files are supported for authentication verification.

Notes

Cache hit rate
For a domain name with TypeD authentication mode enabled, Access URL will carry authentication parameters. When caching resources on CDN nodes, the corresponding parameters will be automatically ignored and cached, which will not affect the hit rate of domain name cache.
Origin-Pull Policy
The domain name with TypeD authentication mode enabled. The format of Access is:
http://DomainName/FileName?sign=md5hash&t=timestamp

After the authentication is passed, if the CDN node is missed, the node will initiate Origin-pull request. The format is consistent with Access's request, and the sign/t parameter will be retained. Real server can ignore or re-check as needed.