- Release Notes and Announcements
- Release Notes
- Security Announcement
- Announcements
- Notice regarding the addition of TrustAsia free certificate issuance source
- [Tencent Cloud EdgeOne] Impact of Root Certificate Changes from Let's Encrypt
- [Tencent Cloud EdgeOne] NS Access Mode Upgrade Announcement
- [Tencent Cloud EdgeOne] VAU Unit Change Notification
- EdgeOne Console Upgrade Instructions
- 【Tencent Cloud EdgeOne】Cloud API Change Notification
- Product Introduction
- Purchase Guide
- Description of 14-day Trial Plan Experience Benefits
- Billing Overview
- Basic Service Fees
- Value-added Service Fees
- Related Tencent Cloud Services
- Extra Package Description (Prepaid)
- Subscriptions
- Renewals
- Overdue and Expiration Policies
- Refund Policy
- Usage Cap Policy
- EdgeOne Plan Upgrade Guide
- Comparison of EdgeOne Plans
- Billing Usage
- About "clean traffic" billing instructions
- Getting Started
- Domain Service
- Site Acceleration
- Origin Configuration
- Edge Functions
- Overview
- Getting Started
- Operation Guide
- Runtime APIs
- Sample Functions
- Example Overview
- 301 Redirect
- Obtaining Client URL Information
- Customization Based on Client Geo Location
- Obtaining Client Geo Location Information
- Batch Redirect
- Returning an HTML Page
- Returning a JSON Object
- Fetch Remote Resources
- Authenticating a Request Header
- Modifying a Response Header
- Performing an A/B Test
- Setting Cookies
- Performing Redirect Based on the Request Location
- Using the Cache API
- Caching POST Requests
- Responding in Streaming Mode
- Merging Resources and Responding in Streaming Mode
- Protecting Data from Tampering
- Rewriting a m3u8 File and Configuring Authentication
- Adaptive Image Resize
- Image Adaptive WebP
- Customize Referer restriction rules
- Remote Authentication
- HMAC Digital Signature
- Naming a Downloaded File
- Obtaining Client IP Address
- Practical Tutorial
- Security Protection
- Overview
- DDoS Protection
- DDoS Protection Overview
- Exclusive DDoS Protection Usage
- Configuration of Exclusive DDoS protection Rules
- Web Protection
- Rules Template
- IP Groups
- Origin Protection
- Custom Response Page
- Alarm Notification
- Rule Engine
- L4 Proxy
- Data Analysis&Log Service
- Tool Guide
- Practical Tutorial
- Configuring EdgeOne Security Event Alarms via TCOP
- EdgeOne Resource Abuse Prevention
- EdgeOne Implementation of Session Persistence Based on Client IP Addresses
- EdgeOne Implementation of Origin-Pull Based on Client's Geo Location
- EdgeOne Hotlink Protection Practical Tutorial
- EdgeOne initiates Automatic Warm-up
- EdgeOne Automatic Cache Purge
- Cross-regional Secure Acceleration (Oversea Sites)
- Scheduling Traffic to EdgeOne by Performing Canary Switching
- Quickly Enabling HTTPS Access with EdgeOne Free Certificate
- Through traffic orchestration to multiple service providers
- EdgeOne facilitate APKs.s dynamic packaging of Android
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Site APIs
- Acceleration Domain Management APIs
- Site Acceleration Configuration APIs
- Edge Function APIs
- Alias Domain APIs
- Security Configuration APIs
- Layer 4 Application Proxy APIs
- CreateL4Proxy
- ModifyL4Proxy
- ModifyL4ProxyStatus
- DescribeL4Proxy
- DeleteL4Proxy
- CreateL4ProxyRules
- ModifyL4ProxyRules
- ModifyL4ProxyRulesStatus
- DescribeL4ProxyRules
- DeleteL4ProxyRules
- CreateApplicationProxy
- ModifyApplicationProxy
- ModifyApplicationProxyStatus
- DescribeApplicationProxies
- DeleteApplicationProxy
- CreateApplicationProxyRule
- ModifyApplicationProxyRule
- ModifyApplicationProxyRuleStatus
- DeleteApplicationProxyRule
- Content Management APIs
- Data Analysis APIs
- Log Service APIs
- Billing APIs
- Certificate APIs
- Load Balancing APIs
- Diagnostic Tool APIs
- Custom Response Page APIs
- Version Management APIs
- Data Types
- Error Codes
- FAQs
- Agreements
- TEO Policy
- Contact Us
- Glossary
- Release Notes and Announcements
- Release Notes
- Security Announcement
- Announcements
- Notice regarding the addition of TrustAsia free certificate issuance source
- [Tencent Cloud EdgeOne] Impact of Root Certificate Changes from Let's Encrypt
- [Tencent Cloud EdgeOne] NS Access Mode Upgrade Announcement
- [Tencent Cloud EdgeOne] VAU Unit Change Notification
- EdgeOne Console Upgrade Instructions
- 【Tencent Cloud EdgeOne】Cloud API Change Notification
- Product Introduction
- Purchase Guide
- Description of 14-day Trial Plan Experience Benefits
- Billing Overview
- Basic Service Fees
- Value-added Service Fees
- Related Tencent Cloud Services
- Extra Package Description (Prepaid)
- Subscriptions
- Renewals
- Overdue and Expiration Policies
- Refund Policy
- Usage Cap Policy
- EdgeOne Plan Upgrade Guide
- Comparison of EdgeOne Plans
- Billing Usage
- About "clean traffic" billing instructions
- Getting Started
- Domain Service
- Site Acceleration
- Origin Configuration
- Edge Functions
- Overview
- Getting Started
- Operation Guide
- Runtime APIs
- Sample Functions
- Example Overview
- 301 Redirect
- Obtaining Client URL Information
- Customization Based on Client Geo Location
- Obtaining Client Geo Location Information
- Batch Redirect
- Returning an HTML Page
- Returning a JSON Object
- Fetch Remote Resources
- Authenticating a Request Header
- Modifying a Response Header
- Performing an A/B Test
- Setting Cookies
- Performing Redirect Based on the Request Location
- Using the Cache API
- Caching POST Requests
- Responding in Streaming Mode
- Merging Resources and Responding in Streaming Mode
- Protecting Data from Tampering
- Rewriting a m3u8 File and Configuring Authentication
- Adaptive Image Resize
- Image Adaptive WebP
- Customize Referer restriction rules
- Remote Authentication
- HMAC Digital Signature
- Naming a Downloaded File
- Obtaining Client IP Address
- Practical Tutorial
- Security Protection
- Overview
- DDoS Protection
- DDoS Protection Overview
- Exclusive DDoS Protection Usage
- Configuration of Exclusive DDoS protection Rules
- Web Protection
- Rules Template
- IP Groups
- Origin Protection
- Custom Response Page
- Alarm Notification
- Rule Engine
- L4 Proxy
- Data Analysis&Log Service
- Tool Guide
- Practical Tutorial
- Configuring EdgeOne Security Event Alarms via TCOP
- EdgeOne Resource Abuse Prevention
- EdgeOne Implementation of Session Persistence Based on Client IP Addresses
- EdgeOne Implementation of Origin-Pull Based on Client's Geo Location
- EdgeOne Hotlink Protection Practical Tutorial
- EdgeOne initiates Automatic Warm-up
- EdgeOne Automatic Cache Purge
- Cross-regional Secure Acceleration (Oversea Sites)
- Scheduling Traffic to EdgeOne by Performing Canary Switching
- Quickly Enabling HTTPS Access with EdgeOne Free Certificate
- Through traffic orchestration to multiple service providers
- EdgeOne facilitate APKs.s dynamic packaging of Android
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Site APIs
- Acceleration Domain Management APIs
- Site Acceleration Configuration APIs
- Edge Function APIs
- Alias Domain APIs
- Security Configuration APIs
- Layer 4 Application Proxy APIs
- CreateL4Proxy
- ModifyL4Proxy
- ModifyL4ProxyStatus
- DescribeL4Proxy
- DeleteL4Proxy
- CreateL4ProxyRules
- ModifyL4ProxyRules
- ModifyL4ProxyRulesStatus
- DescribeL4ProxyRules
- DeleteL4ProxyRules
- CreateApplicationProxy
- ModifyApplicationProxy
- ModifyApplicationProxyStatus
- DescribeApplicationProxies
- DeleteApplicationProxy
- CreateApplicationProxyRule
- ModifyApplicationProxyRule
- ModifyApplicationProxyRuleStatus
- DeleteApplicationProxyRule
- Content Management APIs
- Data Analysis APIs
- Log Service APIs
- Billing APIs
- Certificate APIs
- Load Balancing APIs
- Diagnostic Tool APIs
- Custom Response Page APIs
- Version Management APIs
- Data Types
- Error Codes
- FAQs
- Agreements
- TEO Policy
- Contact Us
- Glossary
Authentication URL format
http://Hostname/Filename?sign=timestamp-rand-uid-md5hash
Description of authentication fields
Field | Description |
Hostname | Site Acceleration Domain. |
Path | Resource access path, authentication requires prefixing with /. |
sign | Authentication parameters name set by Definition. |
timestamp | Decimal positive integer Unix timestamp (the total number of seconds from 00:00:00, January 1, 1970, UTC time, to now, independent of the timezone) |
rand | 0 - 100 characters, a random string consisting of uppercase and lowercase letters and numbers. |
uid | User ID, currently unused, default is 0. |
md5hash | A fixed length string of 32 bits calculated using the MD5 algorithm: Algorithm: MD5(Path-timestamp-rand-uid-key). Authentication Logic: If the request has not expired, the node compares this string value with the md5hash value carried in the request URL. If the values are the same, authentication passes, and the request is responded to; if the values are different, authentication fails, returning 403. |
Configuration Samples
Assume the request
https://www.example.com/foo.jpg uses Authentication Method A, configured as follows:
Get authentication parameters:
Path:
/foo.jpg.timestamp: The server generates the authentication URL timestamp as July 15, 2024, 15:27:17 (UTC+8), converted to a decimal (Unix timestamp) format value:
1721028437.rand: The generated random number is
Kv4cPTAAP5YTi.uid:
0.Key:
DvYmqE81E1F9R791H6lmht.md5hash:MD5(Path-timestamp-rand-uid-key)= MD5(
/foo.jpg-1721028437-Kv4cPTAAP5YTi-0-DvYmqE81E1F9R791H6lmht)= 0fbdca749d7ab784750685347e42075c.Authentication URL generated by the client request
https://www.example.com/foo.jpg?sign=1721028437-Kv4cPTAAP5YTi-0-0fbdca749d7ab784750685347e42075cNode Authentication
When the Node Server receives a request from the client via the encrypted URL, it extracts the timestamp parameter from the URL, adds the configured Effective duration of "1 second", and compares it to the current time:
1. exceed the "timestamp + effective duration" time, the request is not expired, continue to step 2.
2. The Node Server calculates the md5hash value using the obtained authentication parameters and compares it with the md5hash value carried in the request URL. If the values are the same, authentication passes and the request is responded to; if the values are different, authentication fails, returning 403.
Yes
No
Was this page helpful?