Configures multiple accelerated domain names at a time.

Note T
  • he maximum number of times that each user can call this operation per second is 30.
  • You can specify multiple domain names (no more than 50) and separate them with commas (,).

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes BatchSetCdnDomainConfig

The operation that you want to perform. Set the value to BatchSetCdnDomainConfig.

DomainNames String Yes example.com

The accelerated domain names. You can specify multiple accelerated domain names and separate them with commas (,).

Functions String Yes [{"functionArgs":[{"argName":"domain_name","argValue":"example.aliyundoc.com"}],"functionName":"set_req_host_header"}]
The features that you want to configure. Format:
[
 {
   "functionArgs": [
    {
     "argName": "Parameter key", 
     "argValue": "Parameter value"
    }, 
  {
    "argName": "Parameter key", 
    "argValue": "Parameter value"
     }
 ], 
 "functionName": "Feature name"
    }
]

Separate parameters with commas (,).

The following table describes how to set and query configid.

Scenario

API operation

Adds a configuration record.

Perform the BatchSetCdnDomainConfig operation. After the operation succeeds, a configid is generated.

Queries a configuration record.

Perform the DescribeCdnDomainConfigs operation. If the operation succeeds, a configid is generated.

Modifies a configuration record.

Perform the BatchSetCdnDomainConfig operation and specify a configid.

Deletes a configuration record.

Perform the DeleteSpecificConfig operation and specify a configid.

Usage notes on configid:
  • How a configid is generated: Perform the BatchSetCdnDomainConfig operation to configure a feature for a domain name. If the operation succeeds, a configid is generated and returned.
    • Sample request:
      action: BatchSetCdnDomainConfig
      params: {"Functions":[{"functionArgs":[{"argName":"value","argValue":"test"},{"argName":"key","argValue":"User-Agent"}],"functionName":"set_req_header"}],"domainNames":"example.com"}
      product: cdn
    • Sample success response:
      {
          "code": "200", 
          "data": {
      "DomainConfigList": {
                  "DomainConfigModel": [
                      {
                          "FunctionName": "set_req_header", 
                          "DomainName": "example.aliyundoc.com", 
                          "ConfigId": 19571990834****
                      }
                  ]
              }, 
              "RequestId": "4FF61A1D-E697-5E6C-9E5D-7D1E1529****"
          }, 
          "httpStatusCode": "200", 
          "requestId": "4FF61A1D-E697-5E6C-9E5D-7D1E1529****", 
          "successResponse": true
      }
    • Add multiple rules

      Some features support more than one rule. The following example shows how to add multiple rules at a time:

      Example: Configure the set_resp_header feature for the domain name example.aliyundoc.com. The following two rules are added:

      • Rule 1: key=123,value=123
      • Rule 2: key=test,value=test
        
                    action: BatchSetCdnDomainConfig
                    params: {
                        "domainNames": "example.aliyundoc.com", 
                        "functions": [
                            {
                                "functionArgs": [
                                    {
                                        "ArgValue": "123", 
                                        "ArgName": "key"
                                    }, 
                                    {
                                        "ArgValue": "123", 
                                        "ArgName": "value"
                                    }
                                ], 
                                "functionName": "set_resp_header"
                            }, 
                            {
                                "functionArgs": [
                                    {
                                        "ArgValue": "test", 
                                        "ArgName": "key"
                                    }, 
                                    {
                                        "ArgValue": "test", 
                                        "ArgName": "value"
                                    }
                                ], 
                                "functionName": "set_resp_header"
                            }
                        ]
                    }
                    product: cdn
                    
                    
      • Add multiple configuration records
        Some features, such as filetype_based_ttl_set, support multiple configuration records. If you want to update one of the configuration records, specify the ID of the configuration record (configId).
        
                [
                {
                    "functionArgs": [
                            {
                                "argName": "file_type", 
                                "argValue": "jpg"
                            }, 
                            {
                                "argName": "ttl", 
                                "argValue": "18"
                            }
                        ], 
                        "functionName": "filetype_based_ttl_set", 
                        "configId": 5068995
                    }
                ]
                
  • How to query the configid: Perform the DescribeCdnDomainConfigs operation. If the operation succeeds, a configid is returned.
    • Sample request:
      action: DescribeCdnDomainConfigs
          params: {"domainName":"example.aliyundoc.com","functionNames":"set_req_header"}
          product: cdn
    • Sample response:
      {
              "code": "200", 
              "data": {
                  "RequestId": "51B7DF03-A7AE-56ED-BF1E-D16F6A6B****", 
                  "DomainConfigs": {
                      "DomainConfig": [
                          {
                              "Status": "configuring", 
                              "FunctionName": "set_req_header", 
                              "FunctionArgs": {
                                  "FunctionArg": [
                                      {
                                          "ArgValue": "test", 
                                          "ArgName": "value"
                                      }, 
                                      {
                                          "ArgValue": "User-Agent", 
                                          "ArgName": "key"
                                      }
                                  ]
                              }, 
                              "ConfigId": 19572306654****
                          }
                      ]
                  }
              }, 
              "httpStatusCode": "200", 
              "requestId": "51B7DF03-A7AE-56ED-BF1E-D16F6A6B****", 
              "successResponse": true
          }
  • How to use a configid:
    • If you want to update a configuration record, perform the BatchSetCdnDomainConfig operation and specify the configid.
      action: BatchSetCdnDomainConfig 
      params: {
          "Functions": [
              {
                  "functionArgs": [
                      {
                          "argName": "value", 
                          "argValue": "123456"
                      }, 
                      {
                          "argName": "key", 
                          "argValue": "User-Agent"
                      }
                  ], 
                  "functionName": "set_req_header", 
                  "configId": 19571990834****
              }
          ], 
          "domainNames": "example.com"
      }
      product: cdn
    • If you want to delete a configuration record, perform the DeleteSpecificConfig operation and specify the configid.
      
      action: DeleteSpecificConfig
      params: {
          "configId": 19571990834****, 
          "functionName": "set_req_header", 
          "domainName": "example.aliyundoc.com"
      }
      product: cdn
                                  

Note: Specify parameter values in a string.

FunctionID

Feature

Parameter

References

1

referer_white_list_set: configures a referer whitelist.

refer_domain_allow_list: specifies the referers to be added to the whitelist. Separate referers with commas (,).

allow_empty: specifies whether requests with an empty referer header are allowed to access CDN resources. Valid values: on and off.

Configure a referer whitelist or blacklist to enable hotlink protection

5

referer_black_list_set: configures a referer blacklist.

refer_domain_deny_list: specifies the referers to be added to the blacklist. Separate referers with commas (,).

allow_empty: specifies whether requests with an empty referer header are allowed to access CDN resources. Valid values: on and off.

Configure a referer whitelist or blacklist to enable hotlink protection

6

filetype_based_ttl_set: sets a time-to-live (TTL) value for cached files.

ttl: specifies the time period after which the cached files expire. Unit: seconds.

file_type: specifies the file types. You can specify multiple file types and separate them with commas (,). Example: TXT,JPG.

weight: specifies the weight of the expiration rule. Maximum value: 99. Minimum value: 1. A greater value indicates a higher priority.

Set a TTL value for cached resources

7

path_based_ttl_set: sets a TTL value for a directory.

ttl: specifies the period of time after which the cached resources expire. Unit: seconds.

path: specifies a directory. It must start with a forward slash (/).

weight: specifies the weight of the expiration rule. Maximum value: 99. Minimum value: 1. A greater value indicates a higher priority.

Set a TTL value for cached resources

10

oss_auth: configures authentication for requests destined for an Object Storage Service (OSS) bucket.

oss_bucket_id: specifies the endpoint of the OSS bucket.

If the origin server is an OSS bucket, authentication is automatically configured.

13

ip_black_list_set: configures an IP blacklist.

ip_list: specifies the IP addresses to be added to the whitelist. Separate IP addresses with commas (,).

Configure an IP address blacklist or whitelist

69

ip_allow_list_set: configures an IP whitelist.

ip_list: specifies the IP addresses to be added to the whitelist. Separate IP addresses with commas (,).

Configure an IP address blacklist or whitelist

14

ip_white_list_set: configures Taobao Missile Defense.

ip_list: specifies the IP addresses to be added to the whitelist. Separate IP addresses with commas (,).

N/A

15

error_page: redirects requests to a specified error page.

error_code: specifies the HTTP status code.

rewrite_page: specifies the error page to which requests are redirected when the specified HTTP status code occurs.

Customize an error page

18

set_req_host_header: configures the custom header for requests that are redirected to the origin server.

domain_name: specifies a domain name that is used as the origin host.

Configure an origin host

19

set_hashkey_args: retains specified URL parameters.

hashkey_args: specifies the URL parameters to be retained. Separate parameters with commas (,). You can specify up to 10 parameters to be retained.

disable: A value of on indicates that all URL parameters are deleted. A value of off indicates that all URL parameters are retained. The hashkey_args setting has a higher priority. Even if you have set this parameter to on, the parameters specified in hashkey_args are retained.

keep_oss_args: specifies whether to retain all URL parameters in requests before they are redirected to origin servers. A value of on indicates that all URL parameters are retained in requests before they are redirected to origin servers. A value of off indicates that only the parameters specified in hashkey_args are retained.

Enable Alibaba Cloud CDN to retain only specified URL parameters and ignore other URL parameters

25

aliauth: configures URL signing.

auth_type: specifies the signing type. A value of no_auth disables authentication. A value of type_a indicates type A signing. A value of type_b indicates type B signing. A value of type_c indicates type C signing.

auth_key1: specifies the primary cryptographic key. The cryptographic key must be 16 to 32 characters in length, and can contain letters and digits.

auth_key2: specifies the secondary cryptographic key. The cryptographic key must be 16 to 32 characters in length, and can contain letters and digits.

ali_auth_delta: customizes the buffer time for authentication.

Configure URL signing

27

set_resp_header: sets a response header. To verify the setting, you can check the response messages on a web browser.

key: specifies the response header. This parameter is required.

value: specifies the value of the response header. This parameter is required. Enter null if you want to delete the header.

header_operation_type: specifies the action to be performed on a request header. Valid values: add, delete, modify, and rewrite. add: adds a request header. delete: deletes a request header. modify: modifies a request header. rewrite: replaces a request header.

duplicate: specifies whether duplicate response headers are allowed. Valid values: on and off.

header_source: searches for the source of the request header.

header_destination: replaces the request header.

match_all: specifies whether to match against all responses. Valid values: on and off.

access_origin_control: specifies whether to enable cross-origin resource sharing (CORS). Valid values: on and off.

Create a custom HTTP response header

44

https_force: redirects requests from HTTP to HTTPS.

enable: specifies whether to enable this feature. Valid values: on and off.

Configure URL redirection

45

https_force: redirects requests from HTTPS to HTTP.

enable: specifies whether to enable this feature. Valid values: on and off.

Configure URL redirection

78

https_option: sets basic HTTPS parameters.

http2: specifies whether to enable HTTP/2. Valid values: on and off.

ocsp_stapling: specifies whether to enable Online Certificate Status Protocol (OCSP) stapling. Valid values: on and off.

Configure an SSL certificate, Configure HTTP/2, and Configure OCSP stapling

47

forward_scheme: configures the static origin protocol policy.

enable: specifies whether to enable this feature. Valid values: on and off.

scheme_origin: specifies the protocol policy that is used to communicate with the origin server. Valid values: http, https, and follow.

Configure the origin protocol policy

96

tmd_signature: sets a custom rate limiting rule.

name: specifies the name of the rule. It must be unique within the domain name.

path: specifies the URI path. You can specify duplicate URI paths. However, you must verify their validity.

pathType: specifies the match mode. Valid values: 0 and 1. A value of 0 indicates prefix match. A value of 1 indicates exact match.

interval: specifies the interval at which the data is monitored. Unit: seconds. The interval must be at least 10 seconds.

count: specifies the maximum number of visits that can be sent from an individual IP address.

action: specifies the operation to be performed after specified conditions are met. Valid values: 0 (block) and 1 (bot detection).

ttl: specifies the period of time during which the object remains blocked. Unit: seconds.

object: specifies the type of object to be blocked.

rule: specifies the rule for blocking specified objects.

Configure rate limiting

39

set_req_header: customizes an HTTP header for requests that are redirected to the origin server.

set_req_header is supported by version 1. We recommend that you use origin_request_header, which is supported by version 2 and provides more features.

key: specifies the name of the request header.

value: specifies the value of the request header.

Configure a request header for back-to-origin requests

85

l2_oss_key: retrieves your content from private OSS buckets.

private_oss_auth: specifies whether to enable this feature. Valid values: on and off.

Grant Alibaba Cloud CDN access permissions on a private OSS bucket

31

range: configures object chunking to retrieve content from the origin server based on HTTP range requests.

enable: specifies whether to enable this feature. Valid values: on, off, and force.

Configure object chunking

30

video_seek: configures video seeking.

enable: specifies whether to enable this feature. This parameter is required. Valid values: on and off.

flv_seek_by_time: specifies whether to enable Flash Video (FLV) seeking by time. Valid values: on and off.

mp4_seek_start: customizes MP4 video start parameters.

mp4_seek_end: customizes MP4 video end parameters.

flv_seek_start: customizes FLV video start parameters.

flv_seek_end: customizes FLV video end parameters.

Configure video seeking

75

ali_remove_args: deletes URL parameters.

ali_remove_args: specifies the parameters to be deleted. Separate multiple parameters with spaces. The remaining parameters are used as the URL parameters in hashkey_args. The ali_remove_args parameter is required.

keep_oss_args: specifies whether to retain URL parameters in requests before they are redirected to origin servers. A value of on indicates that all URL parameters are retained in requests before they are redirected to origin servers. A value of off indicates that only the parameters in the hashkey_args are retained.

Enable Alibaba Cloud CDN to delete URL parameters

110

https_tls_version: configures the TLS protocol.

tls10: configures TLS 1.0. Valid values: on and off. Default value: on.

tls11: configures TLS 1.1. Valid values: on and off. Default value: on.

tls12: configures TLS 1.2. Valid values: on and off. Default value: on.

tls13: configures TLS 1.3. Valid values: on and off. Default value: off.

Configure TLS version control

112

HSTS: configures HSTS.

enabled: specifies whether to enable this feature. This parameter is required. Valid values: on and off. Default value: off.

https_hsts_max_age: specifies the validity period of the HSTS policy. This parameter is required. Unit: seconds. We recommend that you set the value to 5184000. This value equals 60 days.

https_hsts_include_subdomains: specifies whether the HSTS header contains the includeSubDomains parameter. Valid values: on and off. Use caution when you enable this feature. Make sure that HTTPS is enabled for all the subdomains of the domain name to be accelerated. Otherwise, the HTTPS URLs to which users are redirected from the subdomains become inaccessible.

Configure HSTS

63

filetype_force_ttl_code: specifies a TTL value for HTTP status codes based on file types.

file_type: specifies the file types. You can specify one or more file types. Separate file types with commas (,), for example, TXT,JPG. This parameter is required.

code_string: specifies the HTTP status codes. Separate status codes with commas (,). This parameter is required. Example: 302=0,301=0,4xx=2.

Create a cache expiration rule for HTTP status codes

65

path_force_ttl_code: specifies a TTL value for HTTP status codes based on directories.

path: specifies a directory. It must start with a forward slash (/), for example, /image. This parameter is required.

code_string: specifies the HTTP status codes. Separate status codes with commas (,). This parameter is required. Example: 302=0,301=0,4xx=2.

Create a cache expiration rule for HTTP status codes

35

gzip: optimizes pages by using GNU zip (Gzip) compression.

enable: specifies whether to enable the feature. Valid values: on and off.

Configure intelligent compression

16

tesla: configures page optimization to speed up page loading.

enable: specifies whether to enable the feature. This parameter is required. Valid values: on and off.

trim_js: specifies whether to optimize the JavaScript code of HTML pages. Valid values: on and off.

trim_css: specifies whether to optimize the CSS code of HTML pages. Valid values: on and off.

Configure HTML optimization

114

https_origin_sni: configures the origin Server Name Indication (SNI) feature.

enabled: specifies whether to enable this feature. This parameter is required. Valid values: on and off.

https_origin_sni: configures the origin SNI settings. This parameter is required.

Configure SNI

72

limit_rate: configures traffic throttling for individual requests.

ali_limit_rate: specifies the maximum amount of data that can be transmitted per second after traffic throttling is triggered, such as 200 KB or 1 MB. Unit: byte/s. This parameter is required.

ali_limit_rate_after: specifies the maximum amount of data that can be transmitted before traffic throttling is triggered. Unit: byte/s.

traffic_limit_arg: specifies the name of the URL parameter based on which traffic throttling is triggered. Example: rate.

traffic_limit_unit: specifies the unit for traffic throttling. Valid values: k, m, and g. For example, when the ali_limit_rate_after parameter is set to 1, the maximum data transfer rate can be 1 MB/s, 1 KB/s, or 1 GB/s.

ali_limit_start_hour: specifies the start time of traffic throttling. Valid values: 0 to 24. Default: 0. The start time must be earlier than the end time.

ali_limit_end_hour: specifies the end time of traffic throttling. Valid values: 0 to 24. Default: 24. The end time must be later than the start time.

N/A

97

brotli: configures Brotli compression.

enable: specifies whether to enable this feature. This parameter is required. Valid values: on and off.

brotli_level: specifies the compression level. Valid values: 1 to 11.

Brotli compression

58

ali_ua: configures a User-Agent blacklist or whitelist.

ua: specifies user agents. You can enter a wildcard character (*) or multiple values. Seperate values with vertical bars (|). Example: *curl*|*IE*|*chrome*|*firefox*.

type: specifies a blacklist or whitelist. You can specify only a blacklist or a whitelist.

Configure a User-Agent blacklist or whitelist

43

host_redirect: configures URL rewrite.

regex: specifies the URL to be rewritten. Example: ^/$.

replacement: specifies the final URL, for example, /go/act/sale/tbzlsy.php.

flag: Valid values are redirect and break.

Create a URI rewrite rule

191

quic: configures basic parameters of Quick UDP Internet Connections (QUIC).

quic_enable: specifies whether to enable QUIC. Valid values: on and off.

N/A

124

forward_timeout: configures the timeout period for requests that are redirected to the origin server.

forward_timeout: specifies a time period, in seconds. We recommend that you set a value that is at most 100.

Set a timeout period for HTTP requests

204

ali_video_split: configures audio extraction.

enabled: specifies whether to enable this feature. Valid values: on and off.

Configure audio extraction

194

ipv6: configures IPv6.

switch: specifies whether to enable IPv6. A value of on enables IPv6. A value of off disables IPv6. This parameter is required.

region: specifies the region where you want to enable IPv6. You can enter an asterisk (*) to specify all regions.

Configure IPv6

205

ali_video_preview: configures video preview.

enable: specifies whether to enable this feature. This parameter is required. Valid values: on and off. The video preview feature supports the TS and MP3 formats. For FLV and MP4 video files, visitors can advance and rewind videos.

ali_video_preview_argument: specifies the length of the videos that can be previewed by visitors. The parameter value must be measured in seconds. This parameter is required.

Cofigure audio or video preview

207

default_ttl_code: sets a TTL value for specified HTTP status codes.

default_ttl_code: specifies a TTL value for HTTP status codes. Unit: seconds. Example: 4xx=3, 200=3600, and 5xx=1. Separate HTTP status codes with commas (,). This parameter is required.

N/A

180

edge_function: configures EdgeScript (ES).

Required parameters:

rule: specifies the domain-specific language (DSL) script.

pri: specifies the priority of the script.

enable: specifies whether to enable the script. Valid values: on and off.

Optional parameters:

name: specifies the name of the script. The name can contain only letters and underscores (_).

pos: specifies whether to execute the script at the start or end of the request processing pipeline.

brk: specifies that after the current script is matched, the subsequent scripts at the specified position are skipped.

option: specifies extensions that are used to perform response header debugging.

grammar: an extension used to specify the scripting language. Valid values: es2 and js. You can also leave this parameter empty.

jsmode: an extension used to manage the domain name whitelist in JavaScript. Valid value: redirect and bypass.

EdgeScript

219

follow_302: configures 302 redirection.

enable: specifies whether to enable this feature. This parameter is required. Valid values: on and off.

max_tries: The maximum number of back-to-origin times. Default value: 2. Valid values: 1 to 6. Number of back-to-origin times - 1 = Number of 302 redirects.

retain_args: Valid values are on and off. If you set the value to on, request parameters are retained in 302 redirects. Default value: off.

retain_header: Valid values are on and off. If you set the value to on, request headers are retained in 302 redirects. Default value: off.

Configure 302 redirection

186

aws_s3_bucket: specifies the Amazon Web Services (AWS) Simple Storage Service (S3) buckets that require authentication.

enable: specifies whether to enable the feature. Valid values: l2 and off.

bucketname: specifies the names of the AWS S3 buckets.

accesskey: required. It specifies the access key issued by AWS.

secretkey: specifies the AWS access key secret. This parameter is required.

region: specifies the Region where the AWS S3 bucket is deployed. This parameter is required.

N/A

223

origin_certificate_verification: verifies origin certificates.

enabled: specifies whether to enable this feature. Valid values: on and off. A value of on enables origin certificate verification. A value of off disables origin certificate verification.

common_name_whitelist: specifies the common names to be added to the whitelist. Certificates whose common names are on the whitelist can pass the verification.

N/A

212

origin_dns_host: specifies the origin server.

ali_origin_dns_host: specifies the domain name used in back-to-origin DNS queries. This parameter is required.

N/A

8

cc_defense: specifies the order of custom rate limiting rules.

tmdRules: sorts the custom rate limiting rules in a specified order. Separate rules with commas (,).

Configure rate limiting

214

cc_rule: configures rate limiting.

enable: specifies whether to enable this feature. This parameter is required. Valid values: on and off.

template: specifies the template. Valid values are normal, attack, and none. This parameter is required.

argCheck: configures parameter check. Valid values are on and off. This parameter is required.

Configure rate limiting

224

back_to_origin_argument_rewrite: configures parameter rewrite.

Action priorities: Add > Delete > Reserve > Modify. Separate parameters with spaces.

delete_argument: specifies the parameters to be deleted.

save_argument: specifies the parameters to be retained. Only the specified parameters are retained. The Add and Delete rules take effect at the same time.

ignore_all_argument: specifies whether to delete all parameters in requests that are redirected to the origin server. Valid values: on and off. However, parameters added by the Add action are reserved.

add_argument: specifies parameters to be added. The Add action has the highest priority.

modify_argument: specifies the parameters to be modified. The Modify action has the lowest priority. Parameters specified by the Delete action are not retained.

enable: specifies whether to enable this feature. Valid values: on and off.

Configure parameter filtering

225

back_to_origin_url_rewrite: configures URL rewrite.

source_url: specifies the URL to be rewritten. This parameter is required.

target_url: specifies the final URL. This parameter is required.

flag: specifies an action. Valid values: null, break, and enhance_break. null: continues to apply subsequent rewrite rules after applying the current rule. break: stops applying subsequent rewrite rules after applying the current rule. enhance_break: applies the current rewrite rule to both the URL and its parameters, and then stops applying subsequent rules. This action is also effective on FLV streaming.

Configure URI rewrite

227

self_defined_cachekey: specifies a custom cachekey.

uri: specifies a URL.

args: specifies the operation to be performed on the parameters.

headers: the HTTP header.

variable: custom variables.

Custom cache keys

235

advanced_origin: configures advanced back-to-origin routing settings.

variable_type: specifies the type of variable. Valid values are header, arg, uri, and cookie. This parameter is required.

variable: specifies a variable. This parameter is required.

conditions: specifies conditions. Valid values are == and !=.

value: specifies a value. This parameter is required.

origin: specifies the domain name used in back-to-origin DNS queries. This parameter is required.

N/A

228

origin_request_header: configures HTTP request headers for back-to-origin requests.

header_operation_type: required. It specifies the action in the request header. Supported actions are add, delete, modify, and rewrite. The add action adds a header. The delete action deletes a header. The modify action modifies a header. The rewrite action rewrites a header.

header_name: specifies the name of the request header. This parameter is required.

header_value: specifies the value of the request header.

duplicate: specifies whether duplicate request headers are allowed. Valid values: on and off.

header_source: searches for the source of the response header.

header_destination: replaces the response header.

match_all: specifies whether to match all responses. Valid values: on and off.

Rewrite HTTP headers in back-to-origin requests

229

origin_response_header: configures HTTP response headers.

header_operation_type: specifies the action to be performed on the response header. This parameter is required. Valid values: add, delete, modify, and rewrite. add: adds a response header. delete: deletes a response header. modify: modifies a response header. rewrite: rewrites a response header.

header_name: specifies the name of the response header. This parameter is required.

header_value: specifies the value of the response header.

duplicate: specifies whether duplicate response headers are allowed. Valid values: on and off.

header_source: searches for the source of the response header.

header_destination: replaces the response header.

match_all: specifies whether to match against all responses. Valid values: on and off.

Rewrite HTTP headers in responses from an origin server

209

ddos_domain: configures DDoS mitigation.

enable: specifies whether to enable this feature. This parameter is required. Valid values: on and off.

args: specifies the operation to be performed on the parameters.

dispatch_target: specifies the object for which DDoS mitigation is enabled. This parameter is required.

attack_dispatch_partner is required.

dispatch_target_type: specifies the type of object for which DDoS mitigation is enabled. Valid values are IP and cname. This parameter is required.

dispatch_qps: specifies the maximum number of queries per second before DDoS mitigation is triggered in mainland China.

Integrate Alibaba Cloud CDN with Anti-DDoS

57

ali_location: specifies the regions from which requests are blocked.

ali_origin_dns_host: specifies the domain name used in back-to-origin DNS queries. This parameter is required.

Block regions

253

hls_token_rewrite: configures M3U8 encryption and rewrite.

enable: specifies whether to enable this feature. This parameter is required. Valid values: on and off.

hls_token_arg_name: specifies the name of the parameter that you want to append. If you do not set the parameter, MtsHlsUriToken is used as the name of the appended parameter.

M3U8 encryption and rewrite

258

cdn_remote_auth: configures remote authentication.

enable: specifies whether to enable this feature. This parameter is required. Valid values: on and off.

remote_auth_addr: specifies the address of the authentication server. This parameter is required. Format: <props>https://cdn.aliyun.com/auth or <props>http://10.10.10.10/auth.

remote_auth_method: specifies the request method. Valid values: get, post, and head. This parameter is required.

remote_auth_type: specifies the type of file to be authenticated. This parameter is required. A value of all specifies all types. Separate different file types with vertical bars (|). The value is case-sensitive. For example, jpg is different from JPG.

remote_auth_reserve_args: specifies whether to retain parameters. A value of all specifies to retain all parameters. Separate multiple parameters with vertical bars (|). A value of ali_delete_all_args specifies to delete all URL parameters. The value is case-sensitive. For example, key is different from KEY. This parameter is required.

remote_auth_custom_args: adds custom parameters. Separate parameters with vertical bars (|). The value is case-sensitive. For example, key is different from KEY. This parameter is optional.

remote_auth_reserve_header: specifies whether to retain request headers. A value of all specifies to retain all request headers. Separate request headers with vertical bars (|). A value of ali_delete_all_headers specifies to delete all request headers. The value is case-insensitive. For example, http_remote_addr is the same as HTTP_Remote_Addr. This parameter is required.

remote_auth_custom_header: adds custom request headers. Separate request headers with vertical bars (|). The value is case-insensitive. For example, http_remote_addr is the same as HTTP_Remote_Addr. This parameter is optional.

remote_auth_success_code: specifies the response code to return to CDN when the authentication is successful. This parameter is required. For example, if you set the value to 200, the authentication server will return the response code 200 to CDN when the authentication is successful.

remote_auth_fail_code: specifies the response code to return to CDN when the authentication fails. This parameter is required. For example, if you set the value to 403, the authentication server will return the response code 403 to CDN when the authentication fails.

remote_auth_fail_resp_code: specifies the response code to return to the user when the authentication fails. This parameter is required. For example, if you set the value to 403, CDN will return the response code 403 to the user when the authentication fails.

remote_auth_timeout: specifies the timeout period for authentication. This parameter is required. Unit: milliseconds. Example: 500. Maximum value: 3000.

remote_auth_timeout_action: specifies the action after the authentication times out. This parameter is required. Valid values: pass and reject. If you set the value to pass, CDN allows user requests after the authentication fails. If you set the value to reject, CDN returns the specified response code to the user and rejects user requests.

Configure remote authentication

239

image_transform: configures image editing.

enable: specifies whether to enable this feature. This parameter is required. Valid values: on and off.

filetype: specifies the image formats that support transcoding. Separate formats with vertical bars (|). This parameter is required.

webp: specifies whether to automatically convert images to the WebP format if the client supports the WebP format. WebP images have smaller sizes. Valid values: on and off.

orient: specifies whether to enable automatic rotation for images. Valid values: on and off. This parameter takes effect only for images that support automatic rotation.

slim: specifies whether to enable image compression without changing the resolution, size, or format.

Configure image editing

270

allowed_crawlers: configures a crawler whitelist.

enable: specifies whether to enable this feature. This parameter is required. Valid values: on and off.

search_engines_ip: specifies IP addresses of search engines. Valid values: observer, allow, and off.

N/A

271

threat_intelligence: configures the threat intelligence feature.

enable: specifies whether to enable this feature. This parameter is required. Valid values: on and off.

malicious_machine_fingerprint_high: specifies high-risk fingerprints. Valid values: observer, block, and off.

malicious_machine_fingerprint_medium: specifies medium-risk fingerprints. Valid values: observer, block, and off.

malicious_machine_fingerprint_normal: specifies low-risk fingerprints. Valid values: observer, block, and off.

malicious_crawler_ip: specifies malicious crawler IP addresses. Valid values: observer, block, and off.

malicious_proxy_ip: specifies malicious proxy IP addresses. Valid values: observer, block, and off.

N/A

272

intelligent_algorithm: configures AI protection.

enable: specifies whether to enable this feature. This parameter is required. Valid values: on and off.

fingerprint_intelligent_algorithm: specifies AI protection algorithms. Valid values: on and off.

N/A

275

edgeroutine: configures EdgeRoutine.

enable: specifies whether to enable this feature. This parameter is required. Valid values: on and off.

edge_routine_id: specifies a script ID. The ID can contain letters, digits, and hyphens (-). This parameter is required.

edge_routine_mode: specifies the mode in which the script is triggered. Value values: redirect and bypass. Default value: redirect.

edge_routine_fallback_cdn: specifies whether to allow Alibaba Cloud CDN to take over if the script fails. Valid values: on and off. Default value: off.

Features of EdgeRoutine

242

origin_host: specifies the origin host.

origin: specifies the origin server. This parameter is required.

host: specifies the host. This parameter is required.

N/A

250

condition: specifies advanced condition 2.0.

rule: specifies the content of the condition. This parameter is required.

name: specifies the name of the rule.

N/A

276

ali_origin_port_scheme: specifies the port and protocol of the origin server.

port: This parameter is required. If you set scheme to follow, set the value in the http:80|https:443 format.

scheme: This parameter is required. Valid values: follow, http, and https.

N/A

262

origin_sni: configures SNI settings for back-to-origin routing.

origin: specifies the origin server. This parameter is required.

sni_host: specifies the SNI host. This parameter is required.

keepalive_sni: specifies whether to match persistent connections against SNI hosts. If this feature is enabled, different SNI hosts use different persistent connections. Valid values: on and off. This parameter is optional.

N/A

Response parameters

Parameter Type Example Description
DomainConfigList Array of DomainConfigModel

The IDs of configurations for the specified domain names.

DomainConfigModel
ConfigId Long 1234567

The ID of the configuration.

DomainName String www.example.com

The domain name.

FunctionName String set_req_host_header

The feature.

RequestId String 04F0F334-1335-436C-A1D7-6C044FE73368

The ID of the request.

Examples

Sample requests

http://cdn.aliyuncs.com/?Action=BatchSetCdnDomainConfig
&DomainName=example.com,example.org
&Functions=[{"functionArgs":[{"argName":"domain_name","argValue":"example.aliyundoc.com"}],"functionName":"set_req_host_header"}]
&<Common request parameters>

Sample success responses

XML format

<BatchSetCdnDomainConfigResponse>
  <RequestId>04F0F334-1335-436C-A1D7-6C044FE73368</RequestId>
  <DomainConfigModel>
        <DomainName>www.example.com</DomainName>
        <ConfigId>1234567</ConfigId>
        <FunctionName>set_req_host_header</FunctionName>
  </DomainConfigModel>
</BatchSetCdnDomainConfigResponse>

JSON format

{
    "RequestId": "04F0F334-1335-436C-A1D7-6C044FE73368",
    "DomainConfigModel": [
        {
            "DomainName": "www.example.com",
            "ConfigId": 1234567,
            "FunctionName": "set_req_host_header"
        }
    ]
}

Error codes

HttpCode Error code Error message Description
400 InvalidFunctions.Malformed The specified Functions is incorrectly formatted. The error message returned because the format of the configuration is invalid.
400 InvalidArgValue.Malformed The specified ArgValue is invalid. The error message returned because the parameter is set in an invalid format. Set the parameter in a valid format and try again.
400 MissingParameter%s The specified value of ArgName[%s] is missing. The error message returned because a required parameter is not set.
400 InvalidFunctionArgs.Malformed The specified FunctionArgs is invalid. The error message returned because the FunctionName parameter is set in an invalid format.
400 InvalidHeaderKey.ValueNotSupported The specified value of parameter HeaderKey is not supported. The error message returned because the specified HTTP header is invalid. Valid values of the Key parameter: Content-Type, Cache-Control, Content-Disposition, Content-Language, Expires, Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Access-Control-Max-Age, Access-Control-Expose-Headers, and Access-Control-Allow-Credentials.
400 ConfigurationConflicts The staging environment has a configuration in effect and cannot modify the production environment configuration. The error message returned because the configurations of the staging environment are different from those of the production environment. You cannot directly modify the configurations of the production environment. You must modify the configuration in the staging environment and then publish the configuration to the production environment.
400 NoPermission.SLR The current user does not have permission to create servicelinkedrole. Please contact the Alibaba Cloud account or administrator to authorize AliyunCDNFullAccess or custom policy:Service Name:cdn-ddos.cdn.aliyuncs.com,Role: AliyunServiceRoleForCDNAccessingDDoS,Permission: ram: CreateServiceLinkedRole The error message returned because you do not have permissions to create service-linked roles. You must contact the owner of the Alibaba Cloud account or permission administrator to acquire the AliyunCDNFullAccess permission or attach a custom permission policy to the service-linked role. Information about the permission policy:Service name: cdn-ddos.cdn.aliyuncs.com.Name of the service-linked role: AliyunServiceRoleForCDNAccessingDDoS.Required permissions: ram:CreateServiceLinkedRole.

For a list of error codes, visit the API Error Center.