You can define the operation parameters of an HTTP transaction by configuring HTTP headers. This topic describes how to configure HTTP headers.

Background information

HTTP headers are components of the header section of request and response messages that are transmitted over HTTP. HTTP headers define the resources that are being requested and the behavior of clients or servers.

  • The configurations of HTTP headers for a domain name for CDN affect how a client program responds to all the requests that are destined for the domain name. The client program can be a browser. The header configurations do not affect the cache server.
  • You cannot configure HTTP headers for wildcard domain names.


  1. Log on to the ApsaraVideo Live console.
  2. In the left-side navigation pane, click Domains to go to the Domain Management page.
  3. Find the streaming domain that you want to configure and click Domain Settings.
    Domain name configuration
  4. Choose Stream Management > HTTP Header Settings.
  5. Click Add.
  6. Select a parameter from the Header drop-down list, enter the value in the Value field, and then click OK.
    Configure HTTP headers

    The following table describes the parameters.

    Parameter Description Example
    Content-Type The type of the content that is returned to the client program. image
    Cache-Control The cache policy that the client program follows for requests and responses. no-cache
    Content-Disposition The default file name that is provided by the client program when the requested content is saved as a file. 123.txt
    Content-Language The language of the intended audience for the content that is returned to the client program. zh-CN
    Expires The expiration time of the content that is returned to the client program. Wed, 21 Oct 2015 07:28:00 GMT
    Access-Control-Allow-Origin The origins from which cross-origin requests are allowed. *
    Note You can enter * to specify all the domain names. You can also enter a full domain name, such as
    Access-Control-Allow-Headers The headers that are allowed in cross-origin requests. X-Custom-Header
    Access-Control-Allow-Methods The request methods that are allowed for cross-origin requests. POST and GET
    Note To add both the POST and GET methods, separate them with a comma (,).
    Access-Control-Max-Age The time to live (TTL) during which the response can be cached for a preflight request that is initiated by the client program for a particular resource. Unit: seconds. 600
    Access-Control-Expose-Headers The headers that can be exposed as part of the response. Content-Length