http://DomainName/md5hash/timestamp/FileName
Field | Description |
DomainName | CDN domain. |
Filename | Resource access path. During authentication, `Filename` must start with a slash (/). |
timestamp | The time when the server generates the authentication URL. It is a positive hex integer Unix timestamp, which is the total number of seconds between 00:00:00, January 1, 1970, UTC time and the URL generation time. Its definition is irrelevant to the time zone. |
md5hash | A string containing 32 characters calculated based on the MD5 algorithm. It is calculated as follows: • There are no symbols between parameters in md5hash = md5sum(pkeytimestampuri) . • pkey: It can contain 6–40 letters and digits. It should be kept private and disclosed to only the client and server. • uri: It is the resource access path and must start with a slash (/). • timestamp: Its value is the above timestamp . |
timestamp
parameter in the URL and the validity period of the authentication URL and compares it with the current time.timestamp
and the validity period of the authentication URL is before the current time, the server judges that the URL has expired and is invalid and returns the HTTP error code 403.timestamp
and the validity period of the authentication URL is after the current time, the server uses the MD5 algorithm to calculate the value of md5hash
and it with the md5hash
value passed in by the URL. If they are the same, the request will pass the authentication; otherwise, the HTTP error code 403 will be returned.1582791032
(timestamp).http://cloud.tencent.com/test.jpg
Parameter | Value |
URI | Resource access path, which is /test.jpg . |
timestamp | 1582791032 |
pkey | dimtm5evg50ijsx2hvuwyfoiu65 |
http://cloud.tencent.com/ea68b93ac23ebbc6eebf7f163c6e9c4c/1582791032/test.jpg
When the client uses the encryption URL for access, if the md5hash
value calculated by the CDN server is the same as the md5hash
value carried by the access request, which are both ea68b93ac23ebbc6eebf7f163c6e9c4c
in this example, the request will pass the authentication; otherwise, the authentication will fail.http://DomainName/md5hash/timestamp/FileName
md5hash
and timestamp
will be removed from the path. The origin server does not need to process the authentication information.
Was this page helpful?