tencent cloud

Feedback

Request Header Configuration

Last updated: 2024-12-30 21:37:31

    Configuration Overview

    Tencent Cloud CDN supports adding origin-pull request headers:
    Carries the real client IP to the origin server through the X-Forwarded-For header.
    Carries the real client port to the origin server for analysis through the X-Forward-Port header.
    Adds custom headers.
    You can also set and delete custom origin-pull request headers.

    Configuration Guide

    Viewing the configuration

    Log in to the CDN console, select Domain Management on the left sidebar, and then click Manage on the right of a domain name to enter its configuration page. Select the Origin-pull Configuration tab to find the Origin-pull Request Header Configuration section. The feature is disabled and not pre-configured by default.
    img
    
    

    Operation

    Operation
    Description
    Set
    Sets the value of a specified request header parameter.
    If the target header does not exist, a new one will be added.
    If the origin-pull request header parameter already exists, the new request header will overwrite the old one as duplicate headers are not allowed.
    Add
    Adds a specified origin-pull request header parameter.
    If the target header already exists, the new request header will overwrite the old one as duplicate headers are not allowed.
    Delete
    Deletes a specified request header parameter.
    Note:
    Rules are executed from bottom to top, and the priority is meaningful for the same type of operations only, that is, the priorities of multiple "Set", "Add", and "Delete" rules are independent.
    If an origin-pull request header parameter is configured with multiple rules of different operations, the operations will be conducted in the order of "Add", "Delete", and "Set". For example, if the header X-CDN is configured with rules of "Add", "Delete", and "Set", it will be added, then deleted, and finally set.

    Header parameter

    Header Parameter
    Description
    X-Forwarded-For
    The header used to carry the real client IP. Its value defaults to $client_ip variable, which cannot be modified.
    X-Forward-Port
    The header used to carry the real client port. Its value defaults to $remote_port variable, which cannot be modified.
    Custom header
    Key: 1 to 100 characters, including digits (0 - 9), lowercase letters (a - z), uppercase letters (A - Z), and hyphens (-).
    Value: 1 to 1000 characters. Chinese characters are not supported.
    Some standard headers cannot be set, added, or deleted by the user. For the detailed list, please see Notes.
    Note:
    Up to 10 origin-pull request header rules can be configured.
    Supported rule types: all content, specified file type, specified folder, and specified file. Regex match is currently not supported.

    Configuration Samples

    The origin-pull request header configuration of the acceleration domain name cloud.tencent.com is as follows:
    img
    
    If the accessed resource is http://cloud.tencent.com/test/test.mp4, then:
    1. It hits the * rule, so the header X-Forwarded-For:$client_ip will be added, and $client_ip will be replaced with the real client IP during origin-pull.
    2. It hits both the .mp4 file type tule and /test path rule. The two rules are of the same type, "Add". As the lower rule has the higher priority, the header x-cdn:Tencent is added.
    

    Notes

    In origin-pull request header rules, the following standard headers currently cannot be set, added, or deleted:
    www-authenticate
    authorization
    proxy-authenticate
    proxy-authorization
    age
    cache-control
    clear-site-data
    expires
    pragma
    warning
    accept-ch
    accept-ch-lifetime
    early-data
    content-dpr
    dpr
    device-memory
    save-data
    viewport-width
    width
    last-modified
    etag
    if-match
    if-none-match
    if-modified-since
    if-unmodified-since
    vary
    connection
    keep-alive
    accept
    accept-charset
    expect
    max-forwards
    access-control-allow-origin
    access-control-max-age
    access-control-allow-headers
    access-control-allow-methods
    access-control-expose-headers
    access-control-allow-credentials
    access-control-request-headers
    access-control-request-method
    origin
    timing-allow-origin
    dnt
    tk
    content-disposition
    content-length
    content-type
    content-encoding
    content-language
    content-location
    forwarded
    x-forwarded-host
    x-forwarded-proto
    via
    from
    host
    referer-policy
    allow
    server
    accept-ranges
    range
    if-range
    content-range
    cross-origin-embedder-policy
    cross-origin-opener-policy
    cross-origin-resource-policy
    content-security-policy
    content-security-policy-report-only
    expect-ct
    feature-policy
    strict-transport-security
    upgrade-insecure-requests
    x-content-type-options
    x-download-options
    x-frame-options(xfo)
    x-permitted-cross-domain-policies
    x-powered-by
    x-xss-protection
    public-key-pins
    public-key-pins-report-only
    sec-fetch-site
    sec-fetch-mode
    sec-fetch-user
    sec-fetch-dest
    last-event-id
    nel
    ping-from
    ping-to
    report-to
    transfer-encoding
    te
    trailer
    sec-websocket-key
    sec-websocket-extensions
    sec-websocket-accept
    sec-websocket-protocol
    sec-websocket-version
    accept-push-policy
    accept-signature
    alt-svc
    date
    large-allocation
    link
    push-policy
    retry-after
    signature
    signed-headers
    server-timing
    service-worker-allowed
    sourcemap
    upgrade
    x-dns-prefetch-control
    x-firefox-spdy
    x-pingback
    x-requested-with
    x-robots-tag
    x-ua-compatible
    max-age
    
    
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support