Configure HTTP request headers - CDN - Alibaba Cloud Documentation Center

By default, Alibaba Cloud CDN supports request headers such as client IP addresses. You can also configure custom request headers. Alibaba Cloud CDN allows you to rewrite HTTP headers in back-to-origin requests. You can add, delete, change, or replace HTTP headers in back-to-origin requests based on your business requirements.

Background information

HTTP request headers are a component of the header section in requests that are transmitted over HTTP. HTTP request headers include specific parameters that are sent to servers.

When points of presence (POPs) retrieve the requested resources from an origin server, the origin server can obtain information that is included in request headers. Alibaba Cloud CDN allows you to rewrite HTTP headers in back-to-origin requests. The information that is included in request headers is passed to the origin server to meet specific business requirements. For example, you can configure the X-Forwarded-For (XFF) header to pass client IP addresses to your origin server.

For information about how the origin server obtains the IP address of a client from the XFF header in the back-to-origin request, see Retrieve the originating IP addresses of clients.

Usage notes

A back-to-origin request is an HTTP message that is transmitted by Alibaba Cloud CDN to the origin server of a specific accelerated domain name. A rewrite rule rewrites only the HTTP headers in requests that are transmitted between an origin server and POPs. A rewrite rule does not rewrite the HTTP headers in requests that are transmitted between POPs and clients.
You cannot specify custom HTTP request headers for wildcard domain names.

By default, Alibaba Cloud CDN supports the following HTTP request headers, which do not need to be configured.

Origin HTTP header	Description	Example
Ali-Cdn-Real-Port	The port that is used by the client to connect to a POP.	Ali-Cdn-Real-Port:80
Ali-Cdn-Real-Ip	The IP address that is used by the client to connect to a POP.	Ali-Cdn-Real-Ip:192.168.0.1
X-Forwarded-For	The IP address of the client and IP address of a POP that is used to connect to the origin server.	X-Forwarded-For:192.168.0.1, 172.16.0.1
X-Client-Scheme	The protocol that is used by the client to send the request to a POP, such as HTTP or HTTPS.	X-Client-Scheme:http
Host	The domain name of the origin server to which the request is redirected.	Host:example.com
Via	The names of all POPs that the request passes through.	Via:cn2546-10.l1, cache1.cn2546-10, l2cn2547-7.l2, cache1.l2cn2547-7

If the value of the HTTP request header is a variable, a specific value is assigned to the variable when the variable is used. The following table describes available variables.

Origin HTTP header	Description
$http_Ali_Cdn_Real_Port	Adds a header that passes the client port to the origin server.
$http_Ali_Cdn_Real_Ip	Adds a header that passes the client IP address to the origin server.
$proxy_add_x_forwarded_for	Adds the XFF header to back-to-origin requests. The XFF header passes the client IP address and proxy IP address to the origin server.

Procedure

Log on to the Alibaba Cloud CDN console.
In the left-side navigation pane, click Domain Names.
On the Domain Names page, find the domain name that you want to manage and click Manage in the Actions column.
In the left-side navigation tree of the domain name, click Origin Fetch.
Click the Custom Request Header tab.
Click Customize.

Configure the parameters in the Back-to-origin Request Headers dialog box.

Important

When different operations are performed on the same request header at the same time, the operations have different priorities. The operations are prioritized in the following descending order: Replace > Add > Change or Delete. For example, if you perform the Add and Delete operations on the same request header at the same time, the request header is added and then deleted.

Parameters of the Add operation

Parameter	Example	Description
Operation	Add	This operation adds a request header to back-to-origin HTTP requests.
Request Header	Custom Back-to-origin Request Headers	You can select a preset header, or select Custom Back-to-origin Request Headers from the Request Header drop-down list to specify a request header.
Header Name	x-code	The name of the custom request header is x-code.
Header Value	key1, key2	You can specify one or more values for a request header. Separate values with commas (,).
Allow Duplicates	Yes	Yes: You can add duplicate request headers. Example: `x-code:key1` and `x-code:key2`. No: The latest header value overwrites the existing header value that uses the same header name. For example, if you add `x-code:key1` and then add `x-code:key2`, `x-code:key2` takes effect.
Rule Condition	Do not use conditions	Rule conditions can identify parameters in a request to determine whether a configuration takes effect on the request. Do not use conditions Select the configured rule conditions in Rules Engine. For more information, see Rules engine.

Parameters of the Delete operation

Parameter	Example	Description
Operation	Delete	This operation deletes all request headers that match the values of the Request Header and Header Name parameters. Duplicate request headers are also deleted.
Request Header	Custom Back-to-origin Request Headers	You can select a preset header, or select Custom Back-to-origin Request Headers from the Request Header drop-down list to specify a request header.
Header Name	x-code	The name of the custom request header is x-code.
Rule Condition	Do not use conditions	Rule conditions can identify parameters in a request to determine whether a configuration takes effect on the request. Do not use conditions Select the configured rule conditions in Rules Engine. For more information, see Rules engine.

Parameters of the Change operation

Parameter	Example	Description
Operation	Change	You can perform the Change operation only if no duplicate request headers exist.
Request Header	Custom Back-to-origin Request Headers	You can select a preset header, or select Custom Back-to-origin Request Headers from the Request Header drop-down list to specify a request header.
Header Name	x-code	The name of the custom request header is x-code.
Change Value To	key1, key3	You can specify one or more values for a request header. Separate values with commas (,).
Rule Condition	Do not use conditions	Rule conditions can identify parameters in a request to determine whether a configuration takes effect on the request. Do not use conditions Select the configured rule conditions in Rules Engine. For more information, see Rules engine.

Parameters of the Replace operation

Parameter	Example	Description
Operation	Replace	You can perform the Replace operation only if no duplicate request headers exist.
Request Header	Custom Back-to-origin Request Headers	You can select a preset header, or select Custom Back-to-origin Request Headers from the Request Header drop-down list to specify a request header.
Header Name	x-code	The name of the custom request header is x-code.
Find	key	Allows you to search for the value that you want to replace by using regular expressions.
Replace With	abc	Allows you to replace matching values by using regular expressions.
Match	Match All	Match All: All matching values are replaced. For example, if you use a regular expression to replace all strings of "key" in `x-code:key1,key2,key3` with abc, the key-value pair is changed to `x-code:abc1,abc2,abc3`. Match the First Only: Only the first matching value is replaced. For example, if you use a regular expression to replace the first string of "key" in `x-code:key1,key2,key3` with abc, the key-value pair is changed to `x-code:abc1,key2,key3`.
Rule Condition	Do not use conditions	Rule conditions can identify parameters in a request to determine whether a configuration takes effect on the request. Do not use conditions Select the configured rule conditions in Rules Engine. For more information, see Rules engine.

Click OK.