You can call the BatchSetDcdnDomainConfigs operation to configure features for multiple accelerated domain names at once. This topic describes the features that you can configure by calling this API operation and their corresponding parameters.
The features described in this topic can be referenced by the following API operations: BatchSetDcdnDomainConfigs, DescribeDcdnDomainConfigs, BatchDeleteDcdnDomainConfigs, and DescribeDcdnUserDomainsByFunc.
You can call BatchSetDcdnDomainConfigs to configure features for multiple accelerated domain names at once and generate a unique ConfigId. You can use the ConfigId to update or delete a specific configuration. For more information, see Usage of ConfigId.
Basic information
dynamic
Feature description: DCDN-related configurations. For more information about this feature, see the console configuration topic Rules for static and dynamic content acceleration.
Feature ID (FunctionID/FuncId): 46.
Parameter description:
Parameter
Type
Required
Description
Example
enable
String
Yes
Enable Static Acceleration:
on: enables the feature.
off: disables the feature.
on
static_route_type
String
No
The file extensions for static content acceleration.
.txt
static_route_url
String
No
The URI for static content acceleration.
/domain/detail/log.txt
static_route_path
String
No
The path of the file for static content acceleration.
NoteYou can use wildcard characters, such as the asterisk (*) and question mark (?), for fuzzy match of static file paths. An asterisk (*) matches zero or more characters. A question mark (?) matches a single character.
/abc/test/*
dynamic_route_origin
String
No
The origin protocol policy for dynamic content. Valid values:
http: DCDN uses HTTP to request resources from the origin server.
https: DCDN uses HTTPS to request resources from the origin server.
follow: DCDN uses the same protocol as the client to request resources from the origin server.
follow-port: DCDN uses the protocol that corresponds to the origin server port to request resources from the origin server.
NoteIf you do not set dynamic_route_origin, the default value follow is used.
https
dynamic_route_round_robin
String
No
Specifies whether to enable load balancing. Valid values:
on: enables the feature.
off (default): disables the feature.
off
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }, { "argName": "static_route_type", "argValue": ".txt" }, { "argName": "static_route_url", "argValue": "/domain/detail/log.txt" },{ "argName": "static_route_path", "argValue": "/abc/test/*" }, { "argName": "dynamic_route_origin", "argValue": "https" }, { "argName": "dynamic_route_round_robin", "argValue": "off" }], "functionName": "dynamic" }], "DomainNames": "example.com" }
ipv6
Feature description: IPv6 access configuration. For more information about this feature, see the console configuration topic Enable IPv6.
Feature ID (FunctionID/FuncId): 194.
Parameter description:
Parameter
Type
Required
Description
Example
switch
String
Yes
Enable IPv6 access:
on: enables the feature.
off: disables the feature.
on
region
String
Yes
The regions where you want to enable IPv6. The wildcard character (*) is supported.
NoteAn asterisk (*) indicates that IPv6 is enabled for all regions. Currently, you can enable IPv6 only for all regions. If you want to enable IPv6 for a specific region, submit a ticket to apply.
If you do not set this parameter, IPv6 is enabled for all regions by default.
*
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "switch", "argValue": "on" }, { "argName": "region", "argValue": "*" }], "functionName": "ipv6" }], "DomainNames": "example.com" }
Origin configuration
set_req_host_header
Feature description: Configures the origin host. For more information about this feature, see the console configuration topic Configure the default origin host.
Feature ID (FunctionID/FuncId): 18.
Parameter description:
Parameter
Type
Required
Description
Example
domain_name
String
Yes
The content of the origin host header.
example.comConfiguration example:
{ "Functions": [{ "functionArgs": [{ "argName": "domain_name", "argValue": "example.com" }], "functionName": "set_req_host_header" }], "DomainNames": "example.com" }
forward_scheme
Feature description: Configures the origin protocol policy. For more information about this feature, see the console configuration topic Configure static protocol follow-up for origin fetch.
Feature ID (FunctionID/FuncId): 47.
Parameter description:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable the origin protocol policy. Valid values:
on: enables the feature.
off: disables the feature.
on
scheme_origin
String
No
The origin protocol policy. Valid values:
http: DCDN uses HTTP for origin fetch.
https: DCDN uses HTTPS for origin fetch.
follow: DCDN uses the same protocol as the client request for origin fetch.
NoteIf you do not set scheme_origin, the default value follow is used.
follow
scheme_origin_port
String
No
The custom origin port. This parameter must be used with the scheme_origin parameter. Valid values:
If you set scheme_origin to http, you only need to configure an HTTP origin port. Example: 80.
If you set scheme_origin to https, you only need to configure an HTTPS origin port. Example: 443.
If you set scheme_origin to follow, you must configure both HTTP and HTTPS origin ports. Separate them with a colon (:). Example: 80:443.
80:443
Configuration example 1: DCDN uses the same protocol as the client request for origin fetch. The origin port is the default port for the protocol. Port 80 is used for HTTP and Port 443 is used for HTTPS.
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }, { "argName": "scheme_origin", "argValue": "follow" }], "functionName": "forward_scheme" }], "DomainNames": "example.com" }Configuration example 2: DCDN uses the same protocol as the client request for origin fetch. The origin port is a custom port. Port 8080 is used for HTTP and Port 4433 is used for HTTPS.
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }, { "argName": "scheme_origin", "argValue": "follow" }, { "argName": "scheme_origin_port", "argValue": "8080:4433" }], "functionName": "forward_scheme" }], "DomainNames": "example.com" }
l2_oss_key
Feature description: Configures origin fetch from a private bucket. Note: The first time you use this feature, you must enable the default access policy with a single click. After you enable the policy, DCDN is granted read-only access to all OSS buckets that belong to your Alibaba Cloud account. For more information about this feature, see the console configuration topic Origin fetch from a private OSS bucket.
Feature ID (FunctionID/FuncId): 85.
Parameter description:
Parameter
Type
Required
Description
Example
private_oss_auth
String
Yes
Specifies whether to enable origin fetch from a private bucket. Valid values:
on: enables the feature.
off: disables the feature.
After you enable this feature, the system automatically configures a Security Token Service (STS) token. This simplifies the configuration. However, this method supports origin fetch only from private OSS buckets that belong to the same Alibaba Cloud account as the DCDN accelerated domain name. For more information about STS tokens, see What is STS?.
on
perm_private_oss_tbl
String
No
The configuration of the permanent security token. The format is
access_id=123 access_secret=123abc. Separate the parameters with a space.After you configure a permanent security token, you can configure origin fetch from private OSS buckets that belong to the same Alibaba Cloud account as the DCDN accelerated domain name, and also from private OSS buckets that belong to another Alibaba Cloud account. For more information about permanent security tokens, see Create an AccessKey.
access_id=123 access_secret=123abc
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "private_oss_auth", "argValue": "on" },{ "argName": "perm_private_oss_tbl", "argValue": "access_id=123 access_secret=123abc" }], "functionName": "l2_oss_key" }], "DomainNames": "example.com" }
oss_key_list
Feature description: A list of private keys for origin fetch from OSS. You can configure one or more rules to specify multiple private OSS buckets and their corresponding security tokens.
Feature ID (FunctionID/FuncId): 183.
Parameter description:
Parameter
Type
Required
Description
Example
host
String
Yes
The complete address of the OSS bucket.
example.oss-cn-hangzhou.aliyuncs.com
key
String
Yes
The configuration of the permanent security token. The format is
access_id=123 access_secret=123abc. Separate the parameters with a space.After you configure a permanent security token, you can configure origin fetch from private OSS buckets that belong to the same Alibaba Cloud account as the DCDN accelerated domain name, and also from private OSS buckets that belong to another Alibaba Cloud account. For more information about permanent security tokens, see Create an AccessKey.
access_id=123 access_secret=123abc
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "host", "argValue": "example.oss-cn-hangzhou.aliyuncs.com" },{ "argName": "key", "argValue": "access_id=123 access_secret=123abc" }], "functionName": "oss_key_list" }], "DomainNames": "example.com" }
https_origin_sni
Feature description: Configures the origin SNI. You can set a specific origin SNI for a specific origin server. For more information about this feature, see the console configuration topic Configure a specific origin SNI. For more information about this feature, see the console configuration topic Configure origin SNI.
Feature ID (FunctionID/FuncId): 114.
Parameter description:
Parameter
Type
Required
Description
Example
enabled
String
Yes
Specifies whether to enable the origin SNI feature. Valid values:
on: enables the feature.
off: disables the feature.
on
https_origin_sni
String
Yes
The SNI information carried in the origin request. This is the address of the origin server that the origin request needs to access.
origin.example.comConfiguration example:
{ "Functions": [{ "functionArgs": [{ "argName": "https_origin_sni", "argValue": "origin.example.com" }, { "argName": "enabled", "argValue": "on" }], "functionName": "https_origin_sni" }], "DomainNames": "example.com" }
forward_timeout
Feature description: Configures the origin request timeout. For more information about this feature, see the console configuration topic Origin request timeout.
Feature ID (FunctionID/FuncId): 124.
Parameter description:
Parameter
Type
Required
Description
Example
forward_timeout
Integer
Yes
The request timeout period. Unit: seconds.
NoteWe recommend that you set the timeout period to less than 100 seconds.
30
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "forward_timeout", "argValue": "30" }], "functionName": "forward_timeout" }], "DomainNames": "example.com" }
advanced_origin
Feature description: Configures advanced origin. For more information about this feature, see the console configuration topic Advanced origin. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
Feature conflict: The advanced origin feature conflicts with the conditional origin feature (function: origin_dns_host, feature ID: 212). You can enable only one of them. If one of the features is configured, you must delete its configuration before you can configure the other. A feature is considered configured even if its switch parameter is set to `off`. You can call the DeleteDcdnSpecificConfig operation to delete a specific configuration for a domain name.
Feature ID (FunctionID/FuncId): 235.
Parameter description:
Parameter
Type
Required
Description
Example
variable_type
String
Yes
The type of the variable. Valid values:
header: a request header carried in the user request.
arg: a query string parameter carried in the user request URL.
uri: a path carried in the user request URL.
cookie: a request cookie carried in the user request.
uri
variable
String
Yes
The name of the variable.
NoteIf you set variable_type to uri, you must set variable to uri.
uri
conditions
String
Yes
The condition. Valid values:
==: equals.
!=: does not equal.
==
value
String
Yes
The value of the variable.
/image
origin
String
Yes
The domain name used for DNS query during origin fetch. This is the value of the variable in the user request. If the value matches, the request is redirected to the specified origin URL.
origin.example.com
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "conditions", "argValue": "==" }, { "argName": "variable_type", "argValue": "uri" }, { "argName": "value", "argValue": "/image" }, { "argName": "origin", "argValue": "origin.example.com" }, { "argName": "variable", "argValue": "uri" }], "functionName": "advanced_origin" }], "DomainNames": "example.com", }
follow_302
Feature description: Configures 302 redirection for origin fetch. For more information about this feature, see the console configuration topic Configure 301/302 redirects for origin fetch. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
Feature ID (FunctionID/FuncId): 219.
Parameter description:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable 302 redirection for origin fetch. Valid values:
on: enables the feature.
off: disables the feature.
on
max_tries
Integer
No
The maximum number of 302 redirects.
Default value: 2.
Valid values: [1,5].
NoteThe number of origin fetches - 1 = the number of 302 redirects. This means the default maximum number of origin fetches is 3, and the valid range is [2,6].
2
retain_args
String
No
Specifies whether to retain the original request parameters when redirecting to the destination origin server. Valid values:
on: retains the parameters.
off (default): does not retain the parameters.
off
retain_header
String
No
Specifies whether to retain the original request header when redirecting to the destination origin server. Valid values:
On: Retain.
off (default): does not retain the header.
off
response_header
String
No
The 302 redirect response header. This is the name of the 302 redirect response header that the origin server sends to DCDN. The default header name is Location.
X-Alicdn-Redirect
retain_host
String
No
Retain the origin domain name for 302 redirects. When enabled, DCDN retains the origin domain name during a 302 redirect. This takes effect only when redirecting to the destination domain name. Valid values:
on: enables the feature.
off (default): disables the feature.
off
modify_host
String
No
Modify the origin domain name for 302 redirects. DCDN modifies the origin domain name during a 302 redirect. This takes effect only when redirecting to the destination domain name. By default, the origin domain name is not modified.
example.com
cache
String
No
Cache the 302 redirect result. When enabled, DCDN caches the redirect result for the same URL during a 302 redirect to improve DCDN response performance. Valid values:
on: enables the feature.
off (default): disables the feature.
off
expired_time
Integer
No
The timeout period for caching the 302 redirect result. This is the timeout period for DCDN to cache the redirect result for the same URL during a 302 redirect. This parameter must be used with the cache feature. Unit: seconds. Default value: 3600.
7200
follow_origin_host
String
No
Use the origin domain name as the origin host for 302 redirects. When enabled, DCDN uses the origin domain name as the origin host. The latest origin domain name is used even after a primary/secondary switchover. Valid values:
on: enables the feature.
off (default): disables the feature.
off
follow_5xx_retry_origin
String
No
Primary/secondary origin server switchover. When enabled, DCDN switches to the next available origin server if it receives a 5xx status code from the origin server. Valid values:
on: enables the feature.
off (default): disables the feature.
off
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }, { "argName": "max_tries", "argValue": 2 }, { "argName": "retain_args", "argValue": "off" }, { "argName": "retain_header", "argValue": "off" }, { "argName": "response_header", "argValue": "X-Alicdn-Redirect" }, { "argName": "retain_host", "argValue": "off" }, { "argName": "modify_host", "argValue": "example.com" }, { "argName": "cache", "argValue": "off" }, { "argName": "expired_time", "argValue": "7200" }, { "argName": "follow_origin_host", "argValue": "off" }, { "argName": "follow_5xx_retry_origin", "argValue": "off" }], "functionName": "follow_302" }], "DomainNames": "example.com" }
set_req_header
Feature description: Configures a custom origin HTTP header. For more information about this feature, see the console configuration topic Modify inbound request headers.
Note`set_req_header` is v1. We recommend that you use v2, `origin_request_header`. v2 supports more features for custom origin HTTP headers.
Feature ID (FunctionID/FuncId): 39.
Parameter description:
Parameter
Type
Required
Description
Example
key
String
Yes
The name of the origin header.
Accept-Encoding
value
String
Yes
The value of the origin header. To delete an origin header, set its value to null.
gzip
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "value", "argValue": "gzip" }, { "argName": "key", "argValue": "Accept-Encoding" }], "functionName": "set_req_header" }], "DomainNames": "example.com" }
origin_request_header
Feature description: Configures origin HTTP request headers (new). For more information about this feature, see the console configuration topic Configure origin HTTP request headers. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
Feature ID (FunctionID/FuncId): 228.
Parameter description:
Parameter
Type
Required
Description
Example
header_operation_type
String
Yes
The request header operation. Valid values:
add: Adds a new entry.
delete: delete.
Modify
Use replace instead of rewrite.
add
header_name
String
Yes
The name of the request header.
Accept-Encoding
header_value
String
No
The value of the request header. You can configure multiple values for a request header parameter. Separate multiple values with commas (,).
gzip
duplicate
String
No
Specifies whether to allow adding a request header with the same name. If you set header_operation_type to add, you must specify whether to allow duplicates. Valid values:
On: Allow.
Off: Disabled.
off
header_source
String
No
The parameter value to be replaced. If you set header_operation_type to rewrite, you must set this parameter. Regular expressions are supported.
value1
header_destination
String
No
The new parameter value. If you set header_operation_type to rewrite, you must set this parameter.
value123
match_all
String
No
The match mode. If you set header_operation_type to rewrite, you must set the match mode. Valid values:
on: matches all values. All matched values are replaced.
off: matches only the first value. Only the first matched value is replaced.
off
Configuration example: Adds a custom origin request header to the accelerated domain name
example.com. The request header name is set to `Accept-Encoding` and the request header value is set to `gzip`.{ "Functions": [{ "functionArgs": [{ "argName": "header_operation_type", "argValue": "add" }, { "argName": "header_name", "argValue": "Accept-Encoding" }, { "argName": "header_value", "argValue": "gzip" }, { "argName": "duplicate", "argValue": "off" }], "functionName": "origin_request_header" }], "DomainNames": "example.com" }
origin_response_header
Feature description: Configures origin HTTP response headers. For more information about this feature, see the console configuration topic Modify inbound response headers. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
Feature ID (FunctionID/FuncId): 229.
Parameter description:
Parameter
Type
Required
Description
Example
header_operation_type
String
Yes
The response header operation. Valid values:
add: Adds an item.
Delete: Deletes the item.
To modify is to make a change.
Replace.
add
header_name
String
Yes
The name of the response header.
Cache-Control
header_value
String
No
The value of the response header. You can configure multiple values for a response header parameter. Separate multiple values with commas (,).
no-cache
duplicate
String
No
Specifies whether to allow adding a response header with the same name. If you set header_operation_type to add, you must specify whether to allow duplicates. Valid values:
on: allows duplicates.
off: does not allow duplicates.
off
header_source
String
No
The parameter value to be replaced. If you set header_operation_type to rewrite, you must set this parameter. Regular expressions are supported.
value1
header_destination
String
No
The new parameter value. If you set header_operation_type to rewrite, you must set this parameter.
value123
match_all
String
No
The match mode. If you set header_operation_type to rewrite, you must set the match mode. Valid values:
on: matches all values. All matched values are replaced.
off: matches only the first value. Only the first matched value is replaced.
off
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "header_operation_type", "argValue": "add" }, { "argName": "header_name", "argValue": "Cache-Control" }, { "argName": "header_value", "argValue": "no-cache" }, { "argName": "duplicate", "argValue": "off" }], "functionName": "origin_response_header" }], "DomainNames": "example.com" }
back_to_origin_url_rewrite
Feature description: Rewrites the origin URI. For more information about this feature, see the console configuration topic Rewrite the origin URI. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
Feature ID (FunctionID/FuncId): 225.
Parameter description:
Parameter
Type
Required
Description
Example
source_url
String
Yes
The URI to be rewritten.
^/hello$
target_url
String
Yes
The destination URI.
/hello/test
flag
String
No
The execution rule for the rewrite operation. Valid values:
Empty: If this parameter is not set, subsequent rewrite rules continue to be executed after the current rule is executed.
break: After the current rule is executed, subsequent rewrite rules are no longer executed.
enhance_break: Similar to break, but it processes the request with parameters and also takes effect for FLV live streams.
break
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "flag", "argValue": "break" }, { "argName": "source_url", "argValue": "^/hello$" }, { "argName": "target_url", "argValue": "/hello/test" }], "functionName": "back_to_origin_url_rewrite" }], "DomainNames": "example.com", }
back_to_origin_argument_rewrite
Feature description: Rewrites origin parameters. For more information about this feature, see the console configuration topic Rewrite origin parameters. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
NoteOrigin parameter rewrite modifies the query parameters of the origin request URL. You can configure multiple rewrite rules. The priority of rewrite actions is as follows: Add > Delete > Reserve Only > Modify. If different rewrite rules apply to the same parameter, only the rule with the highest priority takes effect.
Feature ID (FunctionID/FuncId): 224.
Parameter description:
Parameter
Type
Required
Description
Example
delete_argument
String
No
The list of parameters to delete. Separate multiple parameters with spaces.
code1
save_argument
String
No
The list of parameters to retain. Separate multiple parameters with spaces. Only the listed parameters are retained. The add and delete parameter actions still take effect.
Empty
ignore_all_argument
String
No
Specifies whether to ignore all parameters. Valid values:
on: ignores all parameters. Only the add parameter feature remains effective. The delete, keep only, and modify parameter features become ineffective.
off (default): does not ignore all parameters. The keep, add, and delete parameter features remain effective.
on
add_argument
String
No
The parameters to add. This has the highest priority. Separate multiple parameters with spaces.
value=123
modify_argument
String
No
The parameters to modify. This has the lowest priority. If a parameter is deleted, it is not retained. Separate multiple parameters with spaces.
value=321
enable
String
Yes
Specifies whether to enable origin parameter rewrite. Valid values:
on: enables the feature.
off: disables the feature.
on
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "delete_argument", "argValue": "" }, { "argName": "save_argument", "argValue": "" }, { "argName": "add_argument", "argValue": "" }, { "argName": "modify_argument", "argValue": "" }, { "argName": "ignore_all_argument", "argValue": "on" }, { "argName": "enable", "argValue": "on" }], "functionName": "back_to_origin_argument_rewrite" }], "DomainNames": "example.com" }
aws_s3_bucket
Feature description: Configures an Amazon S3 bucket for signing. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
Feature ID (FunctionID/FuncId): 186.
Parameter description:
Parameter
Type
Required
Description
Example
enabled
String
Yes
Enable Amazon S3 bucket authentication:
L2 is enabled.
off: disables the feature.
l2
bucketname
String
No
The name of the Amazon S3 bucket.
/
accesskey
String
Yes
The AWS AccessKey.
123456789
secretkey
String
Yes
The AWS SecretKey.
12345678
region
String
Yes
The Amazon S3 storage region.
us-east-2
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enabled", "argValue": "l2" }, { "argName": "accesskey", "argValue": "123456789" }, { "argName": "secretkey", "argValue": "123456789" }, { "argName": "region", "argValue": "us-east-2" }], "functionName": "aws_s3_bucket" }], "DomainNames": "example.com" }
origin_certificate_verification
Feature description: Configures origin certificate verification (SNI whitelist). For more information about this feature, see the console configuration topic Configure a Common Name whitelist. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
Feature ID (FunctionID/FuncId): 223.
Parameter description:
Parameter
Type
Required
Description
Example
enabled
String
Yes
Specifies whether to enable origin certificate verification. Valid values:
on: enables the feature.
off: disables the feature.
on
common_name_whitelist
String
No
The list of whitelisted domain names for the certificate. You can configure multiple domain names. Separate them with commas (,). Certificates that match these whitelisted domain names can pass verification.
example.comConfiguration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }, { "argName": "common_name_whitelist", "argValue": "example.com" }], "functionName": "origin_certificate_verification" }], "DomainNames": "example.com" }
origin_dns_host
Feature description: Configures a conditional origin. You can use this feature with the rules engine feature (function: condition, feature ID: 250) to redirect requests to a specific origin server based on information such as the path, URL parameters, and request headers in user requests. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
Prerequisites: Before you configure a conditional origin, you must create at least one rule condition for the rules engine. When you configure the conditional origin, you must associate it with a rule condition. For more information, see Rules engine. If you do not associate the conditional origin configuration with a rule condition, all DCDN origin traffic is directed to this single origin URL. This defeats the purpose of controlling the origin URL with rule conditions.
Feature conflict: The conditional origin feature conflicts with the advanced origin feature (function: advanced_origin, feature ID: 235). You can enable only one of them. If one of the features is configured, you must delete its configuration before you can configure the other. A feature is considered configured even if its switch parameter is set to `off`. You can call the DeleteDcdnSpecificConfig operation to delete a specific configuration for a domain name.
Feature ID (FunctionID/FuncId): 212.
Parameter description:
Parameter
Type
Required
Description
Example
ali_origin_dns_host
String
Yes
The domain name used for DNS query during origin fetch.
example.comConfiguration example: Set `parentid` to reference a rule condition that has been created using the rules engine feature (function: condition, feature ID: 250). The reference is made through the `configid` generated when the configuration was added. This ensures that when a user request hits this rule condition, it is redirected to the specified origin URL.
{ "Functions": [{ "functionArgs": [{ "argName": "ali_origin_dns_host", "argValue": "example.com" }], "functionName": "origin_dns_host", "parentId":30119730104**** }], "DomainNames": "example.com" }
origin_host
Feature description: Configures the origin host for a specific origin server. You can set a specific origin host for a specific origin server. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
Feature ID (FunctionID/FuncId): 242.
Parameter description:
Parameter
Type
Required
Description
Example
origin
String
Yes
The specific origin URL. You can also leave this unspecified by setting the origin parameter to all, which represents all origin servers.
example.comhost
String
Yes
The specific host. You can also leave this unspecified by setting the host parameter to
ali_follow_origin, which means the host value follows the origin URL.host.example.comConfiguration example 1: When a user request is redirected to the origin server
example.com, the `host` value used ishost.example.com.{ "Functions": [{ "functionArgs": [{ "argName": "origin", "argValue": "example.com" }, { "argName": "host", "argValue": "host.example.com" }], "functionName": "origin_host" }], "DomainNames": "example.com" }Configuration example 2: User requests redirected to all origin servers (represented by `all`) use the same `host` value
host.example.com.{ "Functions": [{ "functionArgs": [{ "argName": "origin", "argValue": "all" }, { "argName": "host", "argValue": "host.example.com" }], "functionName": "origin_host" }], "DomainNames": "example.com" }Configuration example 3: For user requests redirected to all origin servers (represented by `all`), the `host` value follows the origin URL (represented by
ali_follow_origin).{ "Functions": [{ "functionArgs": [{ "argName": "origin", "argValue": "all" }, { "argName": "host", "argValue": "ali_follow_origin" }], "functionName": "origin_host" }], "DomainNames": "example.com" }
ali_origin_port_scheme
Feature description: Configures the origin port and protocol. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
Feature ID (FunctionID/FuncId): 276.
Parameter description:
Parameter
Type
Required
Description
Example
port
String
Yes
The origin port.
NoteIf you set scheme to follow, you must use the format
http:80|https:443.80
scheme
String
Yes
The origin protocol. You can customize the origin protocol. Valid values: http, https, follow, https_sm, and follow_sm.
http: Origin fetch is performed over HTTP.
https: Origin fetch is performed over HTTPS with an international algorithm.
follow: Alibaba Cloud CDN follows the protocol, HTTP or HTTPS, that is used by the clients. When the HTTPS protocol is used, only the Rivest-Shamir-Adleman (RSA) algorithm is supported.
If the client uses HTTP, origin fetch also uses HTTP.
The client communicates using the HTTPS protocol.
If the client uses an international algorithm, origin fetch uses HTTPS with an international algorithm.
If the client uses a Chinese cryptographic algorithm, origin fetch uses HTTPS with an international algorithm.
https_sm: Origin fetch is performed over HTTPS with a Chinese cryptographic algorithm.
follow_sm: The service follows the protocol, HTTP or HTTPS, that is used by clients. Both the RSA and SM algorithms are supported.
The client uses the HTTP protocol for origin fetch.
The client uses the HTTPS protocol.
If the client uses an international algorithm, the origin fetch uses HTTPS and an international algorithm.
If the client uses a Chinese cryptographic algorithm, the origin fetch uses HTTPS and a Chinese cryptographic algorithm.
NoteInternational algorithms are internationally standard encryption algorithms. Chinese cryptographic algorithms are domestic encryption algorithms certified by the State Cryptography Administration of China.
http
Configuration example 1: Sets the origin protocol to `http` and the origin port to 80.
{ "Functions": [{ "functionArgs": [{ "argName": "port", "argValue": "80" }, { "argName": "scheme", "argValue": "http" }], "functionName": "ali_origin_port_scheme" }], "DomainNames": "example.com" }Configuration example 2: The origin protocol follows the protocol used by the user request. When an origin fetch is performed over HTTP, the request is redirected to port 80 of the origin server. When an origin fetch is performed over HTTPS, the request is redirected to port 443 of the origin server.
{ "Functions":[{ "functionArgs": [{ "argName": "port", "argValue": "http:80|https:443" }, { "argName": "scheme", "argValue": "follow" }], "functionName":"ali_origin_port_scheme" }], "DomainNames":"example.com" }
origin_sni
Feature description: Configures a specific origin SNI. You can set a specific origin SNI for a specific origin server. For more information about this feature, see the console configuration topic Configure a specific origin SNI. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
Feature ID (FunctionID/FuncId): 262.
Parameter description:
Parameter
Type
Required
Description
Example
origin
String
Yes
The origin URL. You can also leave this unspecified by setting the origin parameter to all.
example.comsni_host
String
Yes
The SNI host value:
You can set it to a static field, such as
example.org.To follow the origin URL as the SNI, set it to
ali_follow_origin.To follow the origin host as the SNI, set it to
ali_follow_host.
example.orgkeepalive_sni
String
No
Specifies whether to enable SNI matching for persistent connections. Valid values:
on: enables the feature.
off: disables the feature.
NoteIf you enable this feature, different persistent connections are used for different origin SNIs.
/
Configuration example 1: When a user request is redirected to the origin server
origin.example.com, the SNI value used ishost.example.com.{ "Functions": [{ "functionArgs": [{ "argName": "origin", "argValue": "origin.example.com" }, { "argName": "sni_host", "argValue": "host.example.com" }], "functionName": "origin_sni" }], "DomainNames": "example.com" }Configuration example 2: User requests redirected to all origin servers (represented by
all) use the same SNI valuehost.example.com.{ "Functions": [{ "functionArgs": [{ "argName": "origin", "argValue": "all" }, { "argName": "sni_host", "argValue": "host.example.com" }], "functionName":"origin_sni" }], "DomainNames":"example.com" }Configuration example 3: For user requests redirected to all origin servers (represented by
all), the SNI value follows the origin URL (represented by the parameter valueali_follow_origin).{ "Functions": [{ "functionArgs": [{ "argName": "origin", "argValue": "all" }, { "argName": "sni_host", "argValue": "ali_follow_origin" }], "functionName": "origin_sni" }], "DomainNames": "example.com" }Configuration example 4: For user requests redirected to all origin servers (represented by
all), the SNI value follows the origin host (represented by the parameter valueali_follow_host).{ "Functions": [{ "functionArgs": [{ "argName": "origin", "argValue": "all" }, { "argName": "sni_host", "argValue": "ali_follow_host" }], "functionName": "origin_sni" }], "DomainNames": "example.com" }
source_group
Feature description: Configures origin group settings. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
Feature ID (FunctionID/FuncId): 294.
Parameter description:
Parameter
Type
Required
Description
Example
source_group_name
String
Yes
The name of the origin group. It can contain lowercase letters, digits, and underscores (_). The maximum length is 128 bytes.
example_origin
source_info
String
Yes
The information about the origin servers. Format: Origin Server Address_Priority_Weight_Port. Use underscores (_) to separate the values of different parameters. Use commas (,) to separate multiple origin servers.
Origin Server Address: Supports IPv4, IPv6, and domain names.
Priority: Valid values: 1 to 65535. A smaller value indicates a higher priority.
Weight: Valid values: 1 to 100. DCDN distributes requests to different origin servers based on their weights.
Port: Valid values: 1 to 65535.
Single source: 192.168.0.1_10_33_80
Multiple sources: 192.168.0.1_10_33_80,192.0.2.1_10_67_80
retry_times
Integer
No
The number of origin fetch retry attempts.
3
retry_status_rule
Integer
No
The status codes that trigger an origin fetch retry. Currently, only the following five values are supported: 4xx, 5xx, 404, 404-or-5xx, and 4xx-or-5xx. You can configure one of them.
404-or-5xx
failback_source
String
No
Use basic origin information for backup. Valid values:
on: If all origin servers in the origin group are unavailable, the origin URLs in Basic Information - Origin Information are used.
off: If all origin servers in the origin group are unavailable, a 5xx status code indicating that the origin server is unavailable is returned directly to the client.
on
NoteOrigin retry logic:
`retry_times`: The number of origin retries.
Retries between IP addresses of the same origin server group are allowed.
The maximum number of retries varies based on the number of available IP addresses in the origin server group.
If you do not set the `retry_times` parameter, the default number of origin retries is the smaller of three and the number of available origin server IP addresses.
If you specify the `retry_times` parameter, the number of origin retries is the smaller value between the value of the `retry_times` parameter and the number of available origin IP addresses.
`retry_status_rule`: The status code that triggers the point of presence (POP) to retry.
If you do not specify the `retry_status_rule` parameter, the POP retries when the origin server returns a 5xx status code.
If you specify the `retry_status_rule` parameter, the POP retries when the origin server returns the status code that you specify. Valid values: 4xx, 5xx, 404, 404-or-5xx, and 4xx-or-5xx. You can specify only one value.
After you specify the `retry_status_rule` parameter, the default 5xx status code remains in effect. For example, if you set the status code to 404, the DCDN POP retries when a 404 or 5xx status code is received.
Origin retry order: The retry order is based on the priority of IP addresses in the origin server group, in descending order.
Origin timeout: The DCDN POP retries after it receives the retry status code from the origin server. If no retry status code is received from the origin server, the timeout process applies. After the timeout period is reached, the DCDN POP is triggered to retry.
Timeout period for establishing a TCP connection with the origin server: 10 seconds.
Origin write timeout: The period for writing data after the TCP connection with the origin server is established. The value is 30 seconds.
Origin read timeout: The period for the origin server to return the content requested by the DCDN POP after the connection is established. The value is 30 seconds.
Origin server probing logic:
Abnormal Layer 4 connection: If the Layer 4 connection between a DCDN POP and an origin server is abnormal, the IP address of the origin server is added to a dead table. This prevents subsequent origin requests from being sent to the IP address. The DCDN POP probes the IP address every 5 seconds. If the TCP connection can be established as expected, the IP address of the origin server is removed from the dead table and added to the list of available origin IP addresses.
Normal Layer 4 connection: If the Layer 4 connection between a DCDN POP and an origin server is normal but a retry status code, such as 5xx, is returned, the IP address of the origin server is not removed from the list of available origin IP addresses. In this case, the retry logic is triggered, and subsequent requests are still sent to the IP address of the origin server. If Layer 7 errors occur when the TCP connection between a POP and an origin server is normal, the IP address of the origin server is not automatically blocked. If you want to block the IP address, you must monitor origin requests at Layer 7.
Configuration example:
{ "Functions":[{ "functionArgs":[{ "argName":"source_group_name", "argValue":"test_yidong" },{ "argName":"source_info", "argValue":"192.168.0.1_10_33_80,192.0.2.1_10_67_80" },{ "argName":"retry_times", "argValue":"3" },{ "argName":"retry_status_rule", "argValue":"404,502" },{ "argName":"failback_source", "argValue":"on" }], "functionName":"source_group" }], "DomainNames":"example.com" }
ipv6_origin
Feature description: Configures origin fetch over IPv6. For more information about this feature, see the console configuration topic Configure origin fetch over IPv6. This feature is available only to users who are added to the whitelist. To use this feature, submit a ticket.
Feature ID (FunctionID/FuncId): 265
Parameter description:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable origin fetch over IPv6.
on: Enables the feature.
off: Disables the feature.
NoteIf this feature is enabled, DCDN provides IPv6 services for origin fetch.
If both the DCDN point of presence (PoP) and the origin server have active IPv6 addresses, DCDN establishes connections over IPv6.
DCDN establishes connections over IPv4 in the following scenarios:
The DCDN PoP does not have an active IPv6 address.
The origin server does not have an active IPv6 address.
Neither the DCDN PoP nor the origin server has an active IPv6 address.
on
follow
String
Yes
Specifies whether back-to-origin requests follow the IP protocol version of client requests.
on: The feature is enabled.
off: The feature is disabled.
NoteWhen this feature is enabled, DCDN back-to-origin requests follow the IP protocol version of the client request.
If a client request uses IPv6, DCDN prioritizes IPv6 origin servers for the back-to-origin request. If no IPv6 origin server is available, DCDN uses an IPv4 origin server.
If a client request uses IPv4, DCDN prioritizes IPv4 origin servers for the back-to-origin request. If no IPv4 origin server is available, DCDN uses an IPv6 origin server.
on
ipv6_v4_mix_used
String
No
Specifies whether to enable the Origin IPv4/IPv6 Address Polling feature.
on: Enabled.
off: Disabled.
NoteThe Origin IPv4/IPv6 Address Polling feature is mutually exclusive with the Origin Fetch over IPv6 and Follow Client IP Protocol for Origin Fetch features. If Origin IPv4/IPv6 Address Polling is enabled, the other two features are disabled.
This feature uses the polling method to send origin fetch requests to all configured IPv4 and IPv6 origin server addresses. This process applies to all client requests, regardless of whether the client uses IPv4 or IPv6.
If weights are configured for the IPv4 and IPv6 addresses, origin fetch requests are distributed according to those weights.
Off
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" },{ "argName": "follow", "argValue": "on" }], "functionName": "ipv6_origin" }], "DomainNames": "example.com" }
cos_auth
Description: Configures the authentication bucket for Tencent Cloud Object Storage (COS). This feature is available only to whitelisted users. To request access, submit a ticket.
Function ID (FunctionID/FuncId): 288.
Parameters:
Parameter
Type
Required
Description
Example value
enable
String
Yes
Specifies whether to enable the authentication bucket for Tencent Cloud COS.
on: Enable.
off: Disable.
on
cos_valid_period
String
No
The validity period of the authentication signature in seconds. The default value is 3600 seconds.
/
cos_secret_id
String
Yes
The authentication ID from Tencent Cloud.
123456789
cos_secret_key
String
Yes
The authentication key from Tencent Cloud.
12345678
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }, { "argName": "cos_secret_id", "argValue": "123456789" }, { "argName": "cos_secret_key", "argValue": "123456789" }], "functionName": "cos_auth" }], "DomainNames": "example.com" }
oss_auth
Feature description: Configures authentication information for the Object Storage Service (OSS) bucket used for DCDN origin fetch.
Function ID (FunctionID/FuncId): 10.
Note: The platform automatically adds the `oss_auth` configuration when you set an OSS bucket as the origin for an accelerated domain name. Do not manually add or delete this configuration. If this configuration is deleted, billing exemptions for DCDN origin traffic cannot be applied. In addition, if private bucket authentication is enabled, origin fetch from DCDN to the private OSS bucket fails.
Parameters:
Parameter
Type
Required
Description
Example value
oss_bucket_id
String
Yes
The public domain name of the OSS bucket.
dcdn-test.oss-cn-hongkong.aliyuncs.com
oss_pri_buckets
String
Yes
The public domain name of the OSS bucket and its corresponding bucket name.
dcdn-test.oss-cn-hongkong.aliyuncs.com|dcdn-test
Configuration example:
{ "Functions": [ { "ArgValue": "dcdn-test.oss-cn-hongkong.aliyuncs.com", "ArgName": "oss_bucket_id" }, { "ArgValue": "dcdn-test.oss-cn-hongkong.aliyuncs.com|dcdn-test", "ArgName": "oss_pri_buckets" } ], "functionName": "oss_auth" }], "DomainNames": "example.com" }
Cache configuration
filetype_based_ttl_set
Specifies the cache expiration time for files based on file extension. For more information, see Configure cache time-to-live.
Function ID (FunctionID/FuncId): 6.
Parameter description:
Parameter
Type
Required
Description
Example
ttl
Integer
Yes
The cache duration in seconds. The value must be an integer from 1 to 99999999, which is slightly more than 3 years.
500000
file_type
String
Yes
The file type. This parameter is case-sensitive. Separate multiple file types with commas (,). Example: jpg,txt.
jpg
weight
Integer
No
The weight. Valid values: 1 to 99.
NoteThe default value is 1. A larger value indicates a higher priority.
1
swift_origin_cache_high
String
No
Prioritize the origin server's cache policy. If you set this parameter to `on`, the origin server's cache policy takes precedence when the origin server returns cache-related headers, such as `Cache-Control` and `Pragma`. Valid values:
`on`: enabled
`off` (default): disabled
off
swift_no_cache_low
String
No
Ignore `no-cache` response headers from the origin server. If you set this parameter to `on`, the following `no-cache` response headers from the origin server are ignored.
Cache-Control: no-store
Cache-Control: no-cache
Cache-Control: max-age=0
Pragma: no-cache
Valid values:
`on`: enabled
`off` (default): disabled
off
swift_follow_cachetime
String
No
Allow clients to follow the DCDN cache policy. If you set this parameter to `on`, the final DCDN cache policy is returned to the client. Valid values:
`on`: enabled
`off` (default): disabled
off
force_revalidate
String
No
Force content validation when the TTL is 0. Valid values:
`on`: enabled. When the TTL is 0, content is cached on points of presence (POPs), and each request requires an origin fetch to validate the cached content.
`off` (default): disabled. When the TTL is 0, content is not cached on POPs, and each request requires an origin fetch to retrieve the content.
off
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "file_type", "argValue": "jpg" }, { "argName": "weight", "argValue": "1" }, { "argName": "ttl", "argValue": "500000" }, { "argName": "swift_origin_cache_high", "argValue": "off" }, { "argName": "swift_no_cache_low", "argValue": "off" }, { "argName": "swift_follow_cachetime", "argValue": "off" },{ "argName": "force_revalidate", "argValue": "off" }], "functionName": "filetype_based_ttl_set" }], "DomainNames": "example.com" }
path_based_ttl_set
Description: Configures the cache expiration time for a folder. For more information, see Configure cache expiration time.
Function ID (FunctionID/FuncId): 7.
Parameter description:
Parameter
Type
Required
Description
Example
ttl
Integer
Yes
The cache duration in seconds. The value must be an integer from 1 to 99999999, which is slightly more than 3 years.
500000
path
String
Yes
The folder path. The path must start with a forward slash (/).
/example/demo
weight
Integer
No
The weight. Valid values: 1 to 99.
NoteThe default value is 1. A larger value indicates a higher priority.
1
swift_origin_cache_high
String
No
Prioritize the origin server's cache policy. If you set this parameter to `on`, the origin server's cache policy takes precedence when the origin server returns cache-related headers, such as `Cache-Control` and `Pragma`. Valid values:
`on`: enabled
`off` (default): disabled
off
swift_no_cache_low
String
No
Ignore `no-cache` response headers from the origin server. If you set this parameter to `on`, the following `no-cache` response headers from the origin server are ignored.
Cache-Control: no-store
Cache-Control: no-cache
Cache-Control: max-age=0
Pragma: no-cache
Valid values:
`on`: enabled
`off` (default): disabled
off
swift_follow_cachetime
String
No
Allow clients to follow the DCDN cache policy. If you set this parameter to `on`, the final DCDN cache policy is returned to the client. Valid values:
`on`: enabled
`off` (default): disabled
off
force_revalidate
String
No
Force content validation when the TTL is 0. Valid values:
`on`: enabled. When the TTL is 0, content is cached on POPs, and each request requires an origin fetch to validate the cached content.
`off` (default): disabled. When the TTL is 0, content is not cached on POPs, and each request requires an origin fetch to retrieve the content.
off
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "path", "argValue": "/example/demo" }, { "argName": "weight", "argValue": "1" }, { "argName": "ttl", "argValue": "500000" }, { "argName": "swift_origin_cache_high", "argValue": "off" }, { "argName": "swift_no_cache_low", "argValue": "off" }, { "argName": "swift_follow_cachetime", "argValue": "off" }, { "argName": "force_revalidate", "argValue": "off" }], "functionName": "path_based_ttl_set" }], "DomainNames": "example.com" }
filetype_force_ttl_code
Configures the cache expiration time of status codes. For more information, see Configure status code expiration time.
Function ID (FunctionID/FuncId): 63.
Parameter description:
Parameter
Type
Required
Description
Example
file_type
String
Yes
The file type. This parameter is case-sensitive. Separate multiple file types with commas (,). Example: jpg,txt.
jpg
code_string
String
Yes
The status code and its cache duration in seconds. The maximum duration is 3 years. Separate multiple entries with commas (,). Example: 302=0,301=0,4xx=2.
403=10
swift_code_origin_cache_high
String
No
Prioritize the origin server's cache policy. If you set this parameter to `on`, the origin server's cache policy takes precedence when the origin server returns cache-related headers, such as `Cache-Control` and `Pragma`. Valid values:
`on`: enabled
`off` (default): disabled
off
swift_code_no_cache_low
String
No
Ignore `no-cache` response headers from the origin server. If you set this parameter to `on`, the following `no-cache` response headers from the origin server are ignored.
Cache-Control: no-store
Cache-Control: no-cache
Cache-Control: max-age=0
Pragma: no-cache
Valid values:
`on`: enabled
`off` (default): disabled
off
swift_code_follow_cachetime
String
No
Allow clients to follow the DCDN cache policy. If you set this parameter to `on`, the final DCDN cache policy is returned to the client. Valid values:
`on`: enabled
`off` (default): disabled
off
force_revalidate
String
No
Force content validation when the TTL is 0. Valid values:
`on`: enabled. When the TTL is 0, content is cached on POPs, and each request requires an origin fetch to validate the cached content.
`off` (default): disabled. When the TTL is 0, content is not cached on POPs, and each request requires an origin fetch to retrieve the content.
off
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "file_type", "argValue": "jpg" }, { "argName": "code_string", "argValue": "403=10" }, { "argName": "swift_code_origin_cache_high", "argValue": "off" }, { "argName": "swift_code_no_cache_low", "argValue": "off" }, { "argName": "swift_code_follow_cachetime", "argValue": "off" }, { "argName": "force_revalidate", "argValue": "off" }], "functionName": "filetype_force_ttl_code" }], "DomainNames": "example.com" }
path_force_ttl_code
Configures the cache expiration time of status codes for specific paths. For more information, see Configure status code expiration time.
Function ID (FunctionID/FuncId): 65.
Parameter description:
Parameter
Type
Required
Description
Example
path
String
Yes
The folder path. The path must start with a forward slash (/). Example: /image.
/example/demo
code_string
String
Yes
The status code and its cache duration in seconds. The value must be an integer from 1 to 99999999, which is slightly more than 3 years. Separate multiple entries with commas (,). Example: 302=0,301=0,4xx=2.
403=10,404=15
swift_code_origin_cache_high
String
No
Prioritize the origin server's cache policy. If you set this parameter to `on`, the origin server's cache policy takes precedence when the origin server returns cache-related headers, such as `Cache-Control` and `Pragma`. Valid values:
`on`: enabled
`off` (default): disabled
off
swift_code_no_cache_low
String
No
Ignore `no-cache` response headers from the origin server. If you set this parameter to `on`, the following `no-cache` response headers from the origin server are ignored.
Cache-Control: no-store
Cache-Control: no-cache
Cache-Control: max-age=0
Pragma: no-cache
Valid values:
`on`: enabled
`off` (default): disabled
off
swift_code_follow_cachetime
String
No
Allow clients to follow the DCDN cache policy. If you set this parameter to `on`, the final DCDN cache policy is returned to the client. Valid values:
`on`: enabled
`off` (default): disabled
off
force_revalidate
String
No
Force content validation when the TTL is 0. Valid values:
`on`: enabled. When the TTL is 0, content is cached on POPs, and each request requires an origin fetch to validate the cached content.
`off` (default): disabled. When the TTL is 0, content is not cached on POPs, and each request requires an origin fetch to retrieve the content.
off
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "path", "argValue": "/example/demo" }, { "argName": "code_string", "argValue": "403=10,404=15" }, { "argName": "swift_code_origin_cache_high", "argValue": "off" }, { "argName": "swift_code_no_cache_low", "argValue": "off" }, { "argName": "swift_code_follow_cachetime", "argValue": "off" }, { "argName": "force_revalidate", "argValue": "off" }], "functionName": "path_force_ttl_code" }], "DomainNames": "example.com" }
default_ttl_code
Description: Sets the cache expiration time of status codes (origin-priority).
Function ID (FunctionID/FuncId): 207.
Parameter description:
Parameter
Type
Required
Description
Example
default_ttl_code
String
Yes
The status code and its cache duration in seconds. The value must be an integer from 1 to 99999999, which is slightly more than 3 years. Separate multiple status codes with commas (,).
4xx=3,200=3600,5xx=1
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "default_ttl_code", "argValue": "4xx=3,200=3600,5xx=1" }], "functionName": "default_ttl_code" }], "DomainNames": "example.com" }
set_resp_header
Description: Configures custom HTTP response headers. For more information, see Modify outbound response headers.
Function ID (FunctionID/FuncId): 27.
Parameter description:
Parameter
Type
Required
Description
Example
key
String
Yes
The response header.
Cache-Control
value
String
Yes
The value of the response header. Separate multiple values with commas (,).
NoteTo delete a response header, set its value to null.
no-cache
header_operation_type
String
No
The operation to perform on the request header. The value is:
add: Adds an entry.
Delete: delete.
Modify: To change.
`rewrite`: replaces a header.
add
duplicate
String
No
Specifies whether to allow adding a response header with the same name. This parameter is required when you set `header_operation_type` to `add`. Valid values:
on: Duplicates are allowed.
`off`: do not allow.
off
header_source
String
No
The value to be replaced. This parameter is required when you set `header_operation_type` to `rewrite`. The value can be a regular expression.
value1
header_destination
String
No
The new value. This parameter is required when you set `header_operation_type` to `rewrite`.
value123
match_all
String
No
The match pattern. This parameter is required when you set `header_operation_type` to `rewrite`. Valid values:
`on`: match all. All matched values are replaced.
`off`: match the first one. Only the first matched value is replaced.
/
access_origin_control
String
No
Specifies whether to enable cross-domain authentication. Valid values:
`on`: DCDN POPs authenticate cross-domain user requests.
`off`: disable this feature.
/
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "header_operation_type", "argValue": "add" }, { "argName": "key", "argValue": "Cache-Control" }, { "argName": "value", "argValue": "no-cache" }, { "argName": "duplicate", "argValue": "off" }], "functionName": "set_resp_header" }], "DomainNames": "example.com" }
error_page
Description: Configures custom error pages. For more information, see Configure custom pages.
Function ID (FunctionID/FuncId): 15.
Parameter description:
Parameter
Type
Required
Description
Example
error_code
Integer
Yes
The error code.
404
rewrite_page
String
Yes
The redirection page.
http://example.aliyundoc.com/error404.htmlConfiguration example:
{ "Functions": [{ "functionArgs": [{ "argName": "error_code", "argValue": "404" }, { "argName": "rewrite_page", "argValue": "http://example.aliyundoc.com/error404.html" }], "functionName": "error_page" }], "DomainNames": "example.com" }
host_redirect
Feature description: Configures URI rewrite rules. For detailed console configuration instructions, see Configure URI rewrite rules.
Function ID (FunctionID/FuncId): 43.
Parameter description:
Parameter
Type
Required
Description
Example
regex
String
Yes
The URL to be rewritten. It must be a URI that starts with a forward slash (/) and does not contain the `http://` protocol or a domain name. PCRE regular expressions are supported. Example: ^/hello$.
^/hello$
replacement
String
Yes
The destination URL. It must be a URI that starts with a forward slash (/) and does not contain the `http://` protocol or a domain name.
/hello/test
flag
String
No
The action that a DCDN POP performs after the URI is rewritten. Valid values:
Empty: The default value. This means the flag parameter is not passed. If multiple rules are configured and a request URL matches a rule, the POP continues to match subsequent rules after the current rule is executed.
break: If a request URL matches a rule, the request is rewritten to the destination URL. The parameters in the original URL are not modified. After the current rule is executed, no more rules are matched.
redirect: If a request URL matches a rule, the request is redirected to the destination URL with a 302 status code. The DCDN POP returns the destination URL as the `Location` header to the client. The parameters in the original URL are not modified. After the current rule is executed, subsequent rules are still matched.
enhance_break: Similar to break, but rewrites the entire URL, including the parameters.
enhance_redirect: Similar to redirect, but rewrites the entire URL, including the parameters.
NoteThe rewrite method and support for other domain names and protocols vary based on the action:
Empty, break, and enhance_break directly rewrite the user request URL. They do not support rewriting to other domain names or protocols, such as rewriting from HTTP to HTTPS.
redirect and enhance_redirect use a 302 redirect to rewrite the URL. They support rewriting to other domain names and protocols:
The 302 `Location` address can be set to the current accelerated domain name or another domain name. For example, you can rewrite a URL from `example.com` to `aliyundoc.com`.
The 302 `Location` address supports other protocols. For example, you can rewrite a URL from HTTP to HTTPS.
redirect
rewrite_method
String
No
The redirection method. The 302, 303, and 307 status codes are supported:
302: The default redirection method. The GET request method does not change. Other request methods may change to GET.
303: The GET request method does not change. Other request methods change to GET, and the message body is lost.
307: The request method and message body do not change.
302
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "flag", "argValue": "redirect" }, { "argName": "regex", "argValue": "^/hello$" }, { "argName": "replacement", "argValue": "/hello/test" }, { "argName": "rewrite_method", "argValue": "302" }], "functionName": "host_redirect" }], "DomainNames": "example.com" }
self_defined_cachekey
Description: Configures a custom CacheKey. For more information, see Custom CacheKey.
Function ID (FunctionID/FuncId): 227.
Parameter description:
Parameter
Type
Required
Description
Example
uri
Array of String
No
Rewrites the source URI in the request to a destination URI and saves the result as the cache key.
`uri_to_rewrite` specifies the source URI.
`ai_uri_regex` specifies the destination URI.
[{"uri_to_rewrite":"/hello","ai_uri_regex":"/hello/test"}]args
Array of String
No
Performs an add, delete, modify, or keep operation on the request parameters and saves the result as the cache key. Valid values:
`args_operation_type`: specifies the parameter operation type. Supported values are `add`, `delete`, `modify`, and `keep`.
`args`: specifies the parameter value for the operation.
[{"args":"test=123","args_operation_type":"add"}]headers
String
No
Adds multiple HTTP headers and appends them to the cache key. Separate multiple HTTP headers with spaces.
example
variable
Array of String
No
A custom variable. You can use a regular expression to extract any field from the request parameters, HTTP headers, cookies, or URI in the request URL, and then append the field to the cache key.
[]
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "uri", "argValue": [{ "uri_to_rewrite": "/hello", "ai_uri_regex": "/hello/test" }] }, { "argName": "args", "argValue": [{ "args": "test=123", "args_operation_type": "add" }] }, { "argName": "headers", "argValue": "" }, { "argName": "variable", "argValue": [] }], "functionName": "self_defined_cachekey" }], "DomainNames": "example.com" }
rewrite_host
Description: Configures shared cache.
Function ID (FunctionID/FuncId): 54.
Parameter description:
Parameter
Type
Required
Description
Example
share_host
String
Yes
The destination domain name that can share a cache with the current domain name. This configuration does not modify the `Host` header for origin fetches. It only uses the `share_host` value to generate the cache key for querying cached resources.
example.com
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "share_host", "argValue": "example.com" }], "functionName": "rewrite_host" }], "DomainNames": "example.com" }
serving_stale_content
Description: Serves stale content when the origin server is unavailable.
Function ID (FunctionID/FuncId): 260.
Parameter description:
Parameter
Type
Required
Description
Example
origin_error_status_code
String
No
Custom abnormal status codes from the origin server.
Description: Specifies the origin status codes to which this feature applies.
Default value: This parameter is not specified by default. By default, an origin error is defined as a timeout or any 5xx status code.
Configuration: You can enter `4xx` or `5xx` for a blur match, or enter specific status codes such as `502` or `504` for an exact match. To specify multiple status codes, separate them with commas (,).
502
extend_expiration_time
Integer
No
Extended expiration time.
Description: The maximum time to keep stale cache after it expires.
Default value: This parameter is not specified by default. The default extended expiration time is 1 hour.
Configuration: Enter a positive integer that is greater than or equal to 1. Unit: seconds.
60
origin_first
String
No
Prioritize origin policy.
Description: If you set this parameter to on, the origin policy is prioritized. If the origin server returns a file with the
Cache-Control: stale-if-error=xxcache policy, the time specified by the `stale-if-error` parameter is used as the extended expiration time.Default value: This parameter is not specified by default. This is equivalent to `off`. In this case, the extended expiration time is specified by the `extend_expiration_time` parameter.
Configuration: Supported values are on (enabled) and off (disabled).
on
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "origin_error_status_code", "argValue": "502" }, { "argName": "extend_expiration_time", "argValue": "60" }, { "argName": "origin_first", "argValue": "off" }], "functionName": "serving_stale_content" }], "DomainNames": "example.com" }
HTTPS configuration
https_option
Feature description: Configures basic HTTPS parameters. For more information, see Configure HTTPS certificates, Configure HTTP/2, and Configure OCSP Stapling.
Function ID (FunctionID/FuncId): 78.
Parameter description:
Parameter
Type
Required
Description
Example value
http2
String
No
Specifies whether to enable HTTP/2:
on: Enables the feature.
off: Disables the feature.
on
ocsp_stapling
String
No
Specifies whether to enable the Online Certificate Status Protocol (OCSP) Stapling feature:
on: Enables the feature.
off: Disables the feature.
on
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "http2", "argValue": "on" }, { "argName": "ocsp_stapling", "argValue": "on" }], "functionName": "https_option" }], "DomainNames": "example.com" }
http_force
Description: Configures a forced redirect to HTTP. For more information, see Configure force redirect.
Feature conflict: The force HTTP redirect feature conflicts with the force HTTPS redirect feature (function: https_force, function ID: 44). You can enable only one of them. If one of these features is already configured, you must delete its configuration before you can configure the other. A feature is considered configured even if its switch parameter is set to `off`. To delete a feature configuration for a domain name, you can call the DeleteDcdnSpecificConfig operation.
Function ID (FunctionID/FuncId): 45.
Parameters:
Parameter
Type
Required
Description
Example value
enable
String
Yes
Specifies whether to enable force HTTP redirect.
on: Enables the feature.
off: Disables the feature.
on
http_rewrite
String
No
The redirect method. Supported status codes are 301 and 308.
301: The GET request method is not changed. Other request methods may be changed to the GET method.
308: The request method and message entity are not changed.
301
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }, { "argName": "http_rewrite", "argValue": "301" }], "functionName": "http_force" }], "DomainNames": "example.com" }
https_force
Feature description: Configures a forced redirect to HTTPS. For more information, see Configure a forced redirect.
Feature conflict: The forced HTTPS redirect feature conflicts with the forced HTTP redirect feature (function: http_force, Function ID: 45). You can enable only one of them. If one feature is already configured, you must delete its configuration before you can configure the other. A feature is considered configured even if its switch parameter is set to `off`. To delete a configuration, you can call the DeleteDcdnSpecificConfig operation. After the configuration is deleted, you can configure the other feature.
Function ID (FunctionID/FuncId): 44.
Parameter description:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable forced redirect to HTTPS:
on: Enables the feature.
off: Disables the feature.
on
https_rewrite
String
No
The redirect method. Valid values are 301 and 308.
301: The GET request method remains unchanged. Other request methods may be changed to GET.
308: The request method and message entity remain unchanged.
301
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }, { "argName": "https_rewrite", "argValue": "301" }], "functionName": "https_force" }], "DomainNames": "example.com" }
https_tls_version
Feature description: Configures the TLS version. For more information, see Configure TLS versions and cipher suites.
Function ID (FuncId): 110.
Parameters:
Parameter
Type
Required
Description
Example value
tls10
String
No
Specifies whether to enable TLSv1.0:
on (default): Enables the setting.
Off: The instance is shut down.
on
tls11
String
No
Specifies whether to enable TLSv1.1:
on (default): Enabled.
off: Indicates a shutdown.
on
tls12
String
No
Specifies whether to enable TLSv1.2:
On (default): The setting is enabled.
Off: Shut down.
on
tls13
String
No
Specifies whether to enable TLSv1.3:
on (default): Enables the setting.
off: Shutdown.
on
ciphersuitegroup
String
No
The cipher suite group:
all (default): All cipher suites.
strict: Strong cipher suites.
custom: Custom cipher suites.
all
ciphersuite
String
No
The custom cipher suites. This parameter is valid only when ciphersuitegroup is set to custom. Specify multiple cipher suites separated by commas.
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Configuration examples:
Default configuration: Enable TLS 1.0, TLS 1.1, and TLS 1.2, and use all cipher suites.
{ "Functions": [{ "functionArgs": [ { "ArgValue": "on", "ArgName": "tls10" }, { "ArgValue": "on", "ArgName": "tls11" }, { "ArgValue": "on", "ArgName": "tls12" }, { "ArgValue": "off", "ArgName": "tls13" }, { "ArgValue": "all", "ArgName": "ciphersuitegroup" } ], "functionName": "https_tls_version" }], "DomainNames": "example.com" }Enable TLS 1.2 and TLS 1.3, and use strong cipher suites.
{ "Functions": [{ "functionArgs": [ { "ArgValue": "off", "ArgName": "tls10" }, { "ArgValue": "off", "ArgName": "tls11" }, { "ArgValue": "on", "ArgName": "tls12" }, { "ArgValue": "on", "ArgName": "tls13" }, { "ArgValue": "strict", "ArgName": "ciphersuitegroup" } ], "functionName": "https_tls_version" }], "DomainNames": "example.com" }Enable TLS 1.2 and TLS 1.3, and use custom cipher suites.
{ "Functions": [{ "functionArgs": [ { "ArgValue": "off", "ArgName": "tls10" }, { "ArgValue": "off", "ArgName": "tls11" }, { "ArgValue": "on", "ArgName": "tls12" }, { "ArgValue": "on", "ArgName": "tls13" }, { "ArgValue": "custom", "ArgName": "ciphersuitegroup" }, { "ArgValue": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "ArgName": "ciphersuite" } ], "functionName": "https_tls_version" }], "DomainNames": "example.com" }
HSTS
Description: Configures HTTP Strict Transport Security (HSTS). For more information, see Configure HSTS.
The Function ID (FunctionID/FuncId) is 112.
Parameter description:
Parameter
Type
Required
Description
Example value
enabled
String
Yes
Enable HSTS:
Enabled.
off: Shuts down the system.
on
https_hsts_max_age
Integer
Yes
The expiration time in seconds.
NoteThe recommended value is 5,184,000 s (60 days).
5184000
https_hsts_include_subdomains
String
No
Specifies whether to include the subdomain parameter in the HTTP Strict Transport Security (HSTS) header. Valid values are on or off.
NoteBefore you enable this option, ensure that HTTPS is enabled for all subdomains of the accelerated domain name. Otherwise, the subdomains become inaccessible after they are automatically redirected to HTTPS.
off
Example configuration:
{ "Functions": [{ "functionArgs": [{ "argName": "enabled", "argValue": "on" }, { "argName": "https_hsts_max_age", "argValue": "5184000" }, { "argName": "https_hsts_include_subdomains", "argValue": "off" }], "functionName": "HSTS" }], "DomainNames": "example.com" }
Access control
referer_white_list_set
Description: Configures a Referer whitelist. For more information about how to configure this feature in the console, see Configure Referer hotlink protection.
Conflicts: The Referer whitelist feature is mutually exclusive with the Referer blacklist feature (function: referer_black_list_set, function ID: 5). You can enable only one of them. If one feature is already configured, you must delete its configuration before you can configure the other. A feature is considered configured even if its switch parameter is set to `off`. To delete a specific configuration for a domain name, you can call the DeleteDcdnSpecificConfig operation.
Function ID (FunctionID/FuncId): 1.
Parameters:
Parameter
Type
Required
Description
Example
refer_domain_allow_list
String
Yes
The whitelist. Separate multiple domain names with commas (,).
example.aliyundoc.com,demo.aliyundoc.comallow_empty
String
No
Specifies whether to allow access to DCDN resources if the Referer field is empty. Valid values:
on: Allows access.
off (default): Denies access.
off
redirect_url
String
No
The redirection URL. If the Referer in a user request does not match any domain name in the whitelist, the request is blocked. Instead of returning a 403 error, DCDN returns a 302 status code and the Location header. This parameter specifies the value of the Location header. The URL must start with http:// or https://.
http://www.example.comdisable_ast
String
No
Enables exact match mode. This controls whether domain names in the whitelist are matched exactly. If you set this parameter to on, exact match is used.
If set to on:
Exact match is supported.
If the whitelist contains
example.com, it matchesexample.com.If the whitelist contains
a*b.example.com, it matchesa<any string>b.example.com.
Suffix match is not supported.
If set to off (default):
Exact match is not supported.
Suffix match is supported.
If the whitelist contains
example.com, it matchesexample.comand<any string>.example.com.If the whitelist contains
a*b.example.com, it matchesa<any string>b.example.comand<any string>.a<any string>b.example.com.
off
ignore_scheme
String
No
Specifies whether to ignore the scheme. If enabled, a Referer in a user request is considered valid even if it does not include the HTTP or HTTPS protocol header. Examples:
If set to on, the Referer format is:
referer: www.example.comIf set to off (default), the Referer format is:
referer: https://www.example.com
off
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "allow_empty", "argValue": "off" }, { "argName": "refer_domain_allow_list", "argValue": "example.aliyundoc.com,demo.aliyundoc.com" }], "functionName": "referer_white_list_set" }], "DomainNames": "example.com" }
referer_black_list_set
Description: Configures a Referer blacklist. For more information about how to configure this feature in the console, see Configure Referer hotlink protection.
Conflicts: The Referer blacklist feature is mutually exclusive with the Referer whitelist feature (function: referer_white_list_set, function ID: 1). You can enable only one of them. If one feature is already configured, you must delete its configuration before you can configure the other. A feature is considered configured even if its switch parameter is set to `off`. To delete a specific configuration for a domain name, you can call the DeleteDcdnSpecificConfig operation.
Function ID (FunctionID/FuncId): 5.
Parameters:
Parameter
Type
Required
Description
Example
refer_domain_deny_list
String
Yes
The blacklist. Separate multiple domain names with commas (,).
example.aliyundoc.com,demo.aliyundoc.comallow_empty
String
No
Specifies whether to allow access to DCDN resources if the Referer field is empty:
on: Allows access.
off: Denies access.
off
redirect_url
String
No
The redirection URL. If the Referer in a user request matches a domain name in the blacklist, the request is blocked. Instead of returning a 403 error, DCDN returns a 302 status code and the Location header. This parameter specifies the value of the Location header. The URL must start with http:// or https://.
http://www.example.comdisable_ast
String
No
Enables exact match mode. This controls whether domain names in the blacklist are matched exactly. If you set this parameter to on, exact match is used.
If set to on:
Exact match is supported.
If the blacklist contains
example.com, it matchesexample.com.If the blacklist contains
a*b.example.com, it matchesa<any string>b.example.com.
Suffix match is not supported.
If set to off (default):
Exact match is not supported.
Suffix match is supported.
If the blacklist contains
example.com, it matchesexample.comand<any string>.example.com.If the blacklist contains
a*b.example.com, it matchesa<any string>b.example.comand<any string>.a<any string>b.example.com.
off
ignore_scheme
String
No
Specifies whether to ignore the scheme. If enabled, a Referer in a user request is considered valid even if it does not include the HTTP or HTTPS protocol header. Examples:
If set to on, the Referer format is:
referer: www.example.comIf set to off (default), the Referer format is:
referer: https://www.example.com
off
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "allow_empty", "argValue": "off" }, { "argName": "refer_domain_deny_list", "argValue": "example.aliyundoc.com,demo.aliyundoc.com" }], "functionName": "referer_black_list_set" }], "DomainNames": "example.com" }
aliauth
Description: Configures URL signing. For more information about how to configure this feature in the console, see Configure URL signing.
Function ID (FunctionID/FuncId): 25.
Parameters:
Parameter
Type
Required
Description
Example
auth_m3u8
String
No
Enables M3U8 content rewriting. This adds the required signing parameters to the TS files within the M3U8 file to prevent access failures. Valid values are on (default) and off.
on
auth_type
String
Yes
The signing method. Valid values:
no_auth: No signing.
type_a: type A signing.
type_b: type B signing.
type_c: type C signing.
type_f: type F signing.
type_a
auth_key1
String
Yes
Encryption key 1. The key must be 16 to 128 characters in length and can contain uppercase letters, lowercase letters, and digits.
1234567890123456789
auth_key2
String
No
Encryption key 2. The key must be 16 to 128 characters in length and can contain uppercase letters, lowercase letters, and digits.
1234567890123456789
ali_auth_delta
Integer
No
The validity period of the signed URL. Default value: 1800. Unit: seconds.
1800
req_auth_ip_white
String
No
The IP whitelist. IP addresses in this list are exempt from signing verification.
You can enter multiple IP addresses. Separate them with commas (,).
192.168.0.1
req_auth_ip_acl_xfwd
String
No
The method to fetch the client IP address for the whitelist. Valid values:
on: This is the default mode. DCDN verifies the first IP address on the left in the X-Forwarded-For header of the user request. This IP address is the originating IP address of the client.
off: DCDN verifies the IP address used to establish the connection between the client and the DCDN point of presence.
all: DCDN verifies both of the following IP addresses:
The first IP address on the left in the X-Forwarded-For header of the user request, which is the originating IP address of the client.
The IP address used to establish the connection between the client and the DCDN point of presence.
all
sign_param
String
No
The name of the signing parameter. This parameter is valid only when `auth_type` is set to `type_f`.
sign
time_param
String
No
The name of the timestamp parameter. This parameter is valid only when `auth_type` is set to `type_f`.
time
time_format
String
No
The format of the timestamp. This parameter is valid only when `auth_type` is set to `type_f`.
dec: decimal
hex: hexadecimal
hec
path_encoding
String
No
Specifies whether to enable URL encoding. Valid values: on and off. This parameter is valid only when `auth_type` is set to `type_f`.
on
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "auth_type", "argValue": "type_a" }, { "argName": "auth_key1", "argValue": "1234567890123456789" }, { "argName": "auth_key2", "argValue": "1234567890123456789" }, { "argName": "ali_auth_delta", "argValue": 1800 }, { "argName": "req_auth_ip_white", "argValue": "192.168.0.1" }, { "argName": "req_auth_ip_acl_xfwd", "argValue": "all" }, { "argName": "sign_param", "argValue": "sign" }, { "argName": "time_param", "argValue": "time" }, { "argName": "time_format", "argValue": "hec" }, { "argName": "path_encoding", "argValue": "on" }], "functionName": "aliauth" }], "DomainNames": "example.com" }
cdn_remote_auth
Description: Configures remote authentication.
Function ID (FunctionID/FuncId): 258.
Parameters:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable remote authentication. Valid values:
Enabled.
Off: Shutdown.
on
remote_auth_addr
String
Yes
The address of the authentication server. Format:
https://dcdn.aliyun.com/authorhttp://10.10.10.10/auth.https://example.aliyundoc.com/auth
remote_auth_method
String
Yes
The request method. Valid values: get, post, and head.
get
remote_auth_type
String
Yes
The file types that require authentication. `all` indicates all file types. To specify multiple file types, separate them with vertical bars (|). The file types are case-sensitive. For example, jpg is not the same as JPG.
all
remote_auth_reserve_args
String
Yes
The parameters to retain in the request. To specify multiple parameters, separate them with vertical bars (|). The parameters are case-insensitive. For example, key is the same as KEY.
all: Retains all parameters.
ali_delete_all_args: Deletes all URL parameters.
all
remote_auth_custom_args
String
No
The custom parameters to add. To specify multiple parameters, separate them with vertical bars (|). The parameters are case-sensitive. For example, key is not the same as KEY.
empty
remote_auth_reserve_header
String
Yes
The request headers to retain. To specify multiple headers, separate them with vertical bars (|). The headers are case-insensitive. For example, http_remote_addr is the same as HTTP_Remote_Addr.
all: Retains all request headers.
ali_delete_all_headers: Deletes all request headers.
all
remote_auth_custom_header
String
No
The custom request headers to add. To specify multiple headers, separate them with vertical bars (|). The headers are case-insensitive. For example, http_remote_addr is the same as HTTP_Remote_Addr.
empty
remote_auth_success_code
Integer
Yes
The status code for successful authentication. This is the result that the authentication server returns to DCDN after a successful authentication. Example: 200. You can specify multiple status codes. Separate them with commas (,).
200
remote_auth_fail_code
Integer
Yes
The status code for failed authentication. This is the result that the authentication server returns to DCDN after a failed authentication. Example: 403. You can specify multiple status codes. Separate them with commas (,).
403,404
remote_auth_other_code_act
String
No
The action that DCDN takes on a user request if the status code returned by the authentication server is not a success or failure code. Valid values:
pass (default): Allows the request.
reject: Denies the request.
pass
remote_auth_fail_resp_code
Integer
Yes
The response status code that DCDN returns to the user after a failed authentication. Example: 403.
403
remote_auth_timeout
Integer
Yes
The authentication timeout period. Unit: ms. The maximum value is 3000.
500
remote_auth_timeout_action
String
Yes
The action to take when authentication times out. Valid values:
pass: DCDN allows the user request.
reject: DCDN returns the specified `remote_auth_fail_resp_code` to the user.
pass
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }, { "argName": "remote_auth_addr", "argValue": "https://example.aliyundoc.com/auth" }, { "argName": "remote_auth_method", "argValue": "get" }, { "argName": "remote_auth_type", "argValue": "all" }, { "argName": "remote_auth_reserve_args", "argValue": "all" }, { "argName": "remote_auth_custom_args", "argValue": "" }, { "argName": "remote_auth_reserve_header", "argValue": "all" }, { "argName": "remote_auth_custom_header", "argValue": "" }, { "argName": "remote_auth_success_code", "argValue": "200" }, { "argName": "remote_auth_fail_code", "argValue": "403" }, { "argName": "remote_auth_other_code_act", "argValue": "pass" }, { "argName": "remote_auth_fail_resp_code", "argValue": "403" }, { "argName": "remote_auth_timeout", "argValue": 500 }, { "argName": "remote_auth_timeout_action", "argValue": "pass" }], "functionName": "cdn_remote_auth" }], "DomainNames": "example.com" }
ip_allow_list_set
Description: Configures an IP whitelist. For more information about how to configure this feature in the console, see Configure IP blacklists and whitelists.
Conflicts: The IP whitelist feature is mutually exclusive with the IP blacklist feature (function: ip_black_list_set, function ID: 13). You can enable only one of them. If one feature is already configured, you must delete its configuration before you can configure the other. A feature is considered configured even if its switch parameter is set to `off`. To delete a specific configuration for a domain name, you can call the DeleteDcdnSpecificConfig operation.
Function ID (FunctionID/FuncId): 69.
Parameters:
Parameter
Type
Required
Description
Example
ip_list
String
Yes
The IP list. Separate multiple IP addresses or CIDR blocks with commas (,).
192.168.0.1/24
customize_response_status_code
String
No
The custom response status code. The default value is empty, which indicates that the response status code is 403. You can enter a 3-digit number to set a custom response status code.
429
ip_acl_xfwd
String
No
Specifies whether to use the IP address in the X-Forwarded-For header. Valid values:
on: This is the default value. DCDN uses the first IP address on the left in the
x-forwarded-forheader of the user request for verification.off: Uses the
real client IPaddress.all: DCDN uses both the
x-forwarded-forheader and theIP address of the connectionfor verification.
all
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "ip_list", "argValue": "192.168.0.1/24" }], "functionName": "ip_allow_list_set" }], "DomainNames": "example.com" }
ip_black_list_set
Description: Configures an IP blacklist. For more information about how to configure this feature in the console, see Configure IP blacklists and whitelists.
Conflicts: The IP blacklist feature is mutually exclusive with the IP whitelist feature (function: ip_allow_list_set, function ID: 69). You can enable only one of them. If one feature is already configured, you must delete its configuration before you can configure the other. A feature is considered configured even if its switch parameter is set to `off`. To delete a specific configuration for a domain name, you can call the DeleteDcdnSpecificConfig operation.
Function ID (FunctionID/FuncId): 13.
Parameters:
Parameter
Type
Required
Description
Example
ip_list
String
Yes
The IP list. Separate multiple IP addresses or CIDR blocks with commas (,).
192.168.0.1
customize_response_status_code
String
No
The custom response status code. The default value is empty, which indicates that the response status code is 403. You can enter a 3-digit number to set a custom response status code.
429
ip_acl_xfwd
String
No
Specifies whether to use the IP address in the X-Forwarded-For header. Valid values:
on: This is the default value. DCDN uses the first IP address on the left in the
x-forwarded-forheader of the user request for verification.off: Uses the
actual source IP address.all: DCDN uses both the
x-forwarded-forheader and theIP address of the connectionfor verification.
all
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "ip_list", "argValue": "192.168.0.1" }], "functionName": "ip_black_list_set" }], "DomainNames": "example.com" }
ali_ua
Description: Configures access control based on the User-Agent header. For more information about how to configure this feature in the console, see Configure User-Agent blacklists and whitelists.
Function ID (FunctionID/FuncId): 58.
Parameters:
Parameter
Type
Required
Description
Example
ua
String
Yes
The User-Agent strings. The wildcard character (*) is supported to match any string. To specify multiple values, separate them with vertical bars (|). Example:
*curl*|*IE*|*chrome*|*firefox*.*curl*|*IE*|*chrome*|*firefox*
type
String
Yes
The type of list. Valid values:
black: blacklist.
white: whitelist.
NoteBlacklists and whitelists are mutually exclusive. Only one type can be effective at a time.
black
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "ua", "argValue": "*curl*|*IE*|*chrome*|*firefox*" }, { "argName": "type", "argValue": "black" }], "functionName": "ali_ua" }], "DomainNames": "example.com" }
Performance optimization
tesla
Feature description: Configures HTML optimization to accelerate page loading. For more information, see HTML Optimization.
Function ID (FunctionID/FuncId): 16.
Parameters:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable acceleration for HTML optimization.
on: Enables the feature.
off: Disables the feature.
on
trim_js
String
No
Specifies whether to optimize the inline JavaScript (JS) code in HTML.
on: Enables the feature.
off (default): Disables the optimization.
off
trim_css
String
No
Specifies whether to optimize the inline Cascading Style Sheets (CSS) code in HTML.
on: Enables the optimization.
off (default): The shutdown state.
off
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }, { "argName": "trim_css", "argValue": "off" }, { "argName": "trim_js", "argValue": "off" }], "functionName": "tesla" }], "DomainNames": "example.com" }
gzip
Feature description: Optimizes pages using Gzip compression. For more information about this feature, see Gzip compression.
Function ID (FunctionID/FuncId): 35.
Parameters:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable Gzip optimization for pages.
on: Enables the feature.
off: Disables the feature.
on
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }], "functionName": "gzip" }], "DomainNames": "example.com" }
brotli
Feature description: Configures Brotli compression for pages. For more information about this feature, see Brotli compression.
Function ID (FunctionID/FuncId): 97.
Parameters:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable Brotli compression for pages.
on: Enables the feature.
off: Disables the feature.
on
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }], "functionName": "brotli" }], "DomainNames": "example.com" }
set_hashkey_args
Feature description: Configures the feature to ignore URL parameters by retaining only specified parameters. For more information about this feature, see Ignore parameters.
Feature conflict: The Ignore URL Parameters (Retain) feature conflicts with the Ignore URL Parameters (Delete) feature (function: ali_remove_args, function ID: 75). You can enable only one of these features at a time. If one feature is already configured, you must delete its configuration before you can configure the other. A feature is considered configured even if its enable parameter is set to `off`. To delete a feature configuration for a domain name, you can call the DeleteDcdnSpecificConfig operation.
Function ID (FunctionID/FuncId): 19.
Parameters:
Parameter
Type
Required
Description
Example
hashkey_args
String
No
The list of parameters to retain. Separate multiple parameters with commas (,). You can specify up to 10 parameters.
key1,key2
disable
String
Yes
Specifies whether to ignore all parameters.
on: Ignores all parameters. The features to delete, retain, and modify parameters are disabled. Only the feature to add parameters remains effective.
off (default): Disables the feature. The features to retain, add, and delete parameters remain effective.
NoteThe priority of ignoring all parameters for the cache hash key is lower than the priority of retaining a list of cache parameters.
on
keep_oss_args
String
Yes
Specifies whether to retain parameters for origin fetch requests.
on: Retains all parameters in origin fetch requests.
off: The parameters in origin fetch requests are the same as the parameters in the cache hash key.
on
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "hashkey_args", "argValue": "" }, { "argName": "keep_oss_args", "argValue": "on" }, { "argName": "disable", "argValue": "on" }], "functionName": "set_hashkey_args" }], "DomainNames": "example.com" }
ali_remove_args
Feature description: Configures the feature to ignore URL parameters by deleting specified parameters. For more information about this feature, see Ignore parameters.
Feature conflict: The Ignore URL Parameters (Delete) feature conflicts with the Ignore URL Parameters (Retain) feature (function: set_hashkey_args, function ID: 19). You can enable only one of these features at a time. If one feature is already configured, you must delete its configuration before you can configure the other. A feature is considered configured even if its enable parameter is set to `off`. To delete a feature configuration for a domain name, you can call the DeleteDcdnSpecificConfig operation.
Function ID (FunctionID/FuncId): 75.
Parameters:
Parameter
Type
Required
Description
Example
ali_remove_args
String
Yes
The parameters to delete. Separate multiple parameters with spaces.
NoteThe remaining parameters are used as the URL arguments in the hash key.
test
keep_oss_args
String
Yes
Specifies whether to retain parameters for origin fetch requests.
on: Retains all parameters in origin fetch requests.
off: The parameters in origin fetch requests are the same as the parameters in the cache hash key.
off
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "ali_remove_args", "argValue": "test" }, { "argName": "keep_oss_args", "argValue": "off" }], "functionName": "ali_remove_args" }], "DomainNames": "example.com" }
image_transform
Feature description: Configures DCDN image transformation. For more information about this feature, see Image editing methods and benefits.
Function ID (FunctionID/FuncId): 239.
Parameters:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable image transformation.
on: Enables the feature.
off: Disables the feature.
on
filetype
String
Yes
The image formats that support transcoding. Separate multiple formats with a vertical bar (|). The following values are supported:
JPEG: The JPEG image format.
JPG: The JPG image format.
PNG: The PNG image format.
WEBP: The WEBP image format.
BMP: The BMP image format.
GIF: The GIF image format.
TIFF: The TIFF image format.
JP2: The JPEG 2000 image format.
jpg|jpeg|png
webp
String
No
Specifies whether to enable automatic conversion to WebP.
on: Enables the conversion.
off: The instance is shut down.
on
orient
String
No
Specifies whether to enable automatic image rotation.
on: The feature is enabled.
off: The resource is shut down.
NoteThis feature works only for images that have a rotation property.
on
slim
Integer
No
Image slimming. Set the slimming percentage. The value can be from 0 to 100. This feature reduces the image quality to save traffic without changing the resolution, dimensions, or format.
10
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "filetype", "argValue": "jpg|jpeg|png" }, { "argName": "webp", "argValue": "on" }, { "argName": "orient", "argValue": "on" }, { "argName": "slim", "argValue": "" }, { "argName": "enable", "argValue": "on" }], "functionName": "image_transform" }], "DomainNames": "example.com" }
Video features
range
Feature description: Configures range origin fetch. For more information, see Configure Range Origin Fetch.
Function ID: 31.
Parameters:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable range origin fetch.
on: Enable.
off: Disable.
force: Forcibly enable.
on
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }], "functionName": "range" }], "DomainNames": "example.com" }
video_seek
Description: Configures video seeking. For console configuration details, see Video seeking.
Function ID: 30.
Parameters:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable video seeking.
on: Enable.
off: Disable.
on
flv_seek_by_time
String
No
Specifies whether to enable seeking by time for FLV files.
on: Enable.
off: Disable.
on
mp4_seek_start
String
No
The custom start parameter for MP4 files.
mp4starttime
mp4_seek_end
String
No
The custom end parameter for MP4 files.
mp4endtime
flv_seek_start
String
No
The custom start parameter for FLV files.
flvstarttime
flv_seek_end
String
No
The custom end parameter for FLV files.
flvendtime
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }], "functionName": "video_seek" }], "DomainNames": "example.com" }
ali_video_split
Description: Configures audio-only playback.
Function ID: 204.
Parameters:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable audio-only playback.
on: Enable.
off: Disable.
on
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }], "functionName": "ali_video_split" }], "DomainNames": "example.com" }
ali_video_preview
Description: Configures video preview.
Function ID: 205.
Parameters:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable video preview.
on: Enable.
off: Disable.
NoteYou can use TS and MP3 files, and drag and drop FLV and MP4 files.
on
ali_video_preview_argument
String
Yes
The custom parameter name for video preview. The value of this parameter must be in seconds.
fds
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }, { "argName": "ali_video_preview_argument", "argValue": "fds" }], "functionName": "ali_video_preview" }], "DomainNames": "example.com" }
hls_token_rewrite
Description: Configures M3U8 encryption and rewrite.
Function ID: 253.
Parameters:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable M3U8 encryption and rewrite.
on: Enable.
off: Disable.
on
hls_token_arg_name
String
No
The custom parameter name for the HLS token. If you do not set this parameter, MtsHlsUriToken is used as the default parameter name.
example
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }], "functionName": "hls_token_rewrite" }], "DomainNames": "example.com", }
Security configuration
ddos_domain
Feature description: Configures Anti-DDoS scheduling. For more information, see Mitigation Settings.
Function ID (FuncId): 209.
Parameter description:
Parameter
Type
Required
Description
Example
enable
String
Yes
Specifies whether to enable Anti-DDoS protection:
on: Enable
off: Disable
on
dispatch_qps
String
No
The queries per second (QPS) threshold.
Value range: 2000 to 50000.
Default value: 20000.
20000
auto_dispatch
String
No
Enables intelligent traffic scrubbing. If you enable this feature, you do not need to specify a QPS threshold. The DCDN system automatically determines whether to enable the traffic scrubbing pattern.
on: Enable
off: Disable
on
checkurl
String
Yes
The path for the health check under the domain name.
Default value:
/(the root directory of the domain name)./*/examplefile.txt
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enable", "argValue": "on" }, { "argName": "dispatch_qps", "argValue": "20000" }, { "argName": "checkurl", "argValue": "/*/examplefile.txt" }], "functionName": "ddos_domain" }], "DomainNames": "example.com" }
Rate limiting
limit_rate
Feature description: Configures the rate limit for a single request.
Function ID: 72.
Parameter description:
You can configure a fixed rate limit with `ali_limit_rate`, a dynamic rate limit based on parameters in the request URL, or a time-based rate limit.
To limit rates based on parameters in the request URL, use the `traffic_limit_arg` and `traffic_limit_unit` parameters together.
To set a start and end time for rate limiting, use the `ali_limit_start_hour` and `ali_limit_end_hour` parameters together.
Parameter
Type
Required
Description
Example value
ali_limit_rate
String
Yes
Specifies the rate limit for a single request. The value is a number followed by a unit. Supported units are `k` for KByte/s and `m` for MByte/s.
The minimum value is `100k`. Values less than `100k` are processed as `100k`.
`1m`: Sets the rate limit for a single request to 1 MByte/s.
`100k`: Sets the rate limit for a single request to 100 KByte/s.
ali_limit_rate_after
String
No
The amount of data to send before rate limiting starts. The value is a number followed by a unit. Supported units are `k` for KByte and `m` for MByte.
1000
traffic_limit_arg
String
No
The name of the rate limiting parameter. The rate is limited based on the argument fetched from the URL. For example, `rate`.
If the request does not contain this parameter, the default rate limit specified by `ali_limit_rate` is used. To disable rate limiting when this parameter is not in the request, set `ali_limit_rate` to `0k`.
rate
traffic_limit_unit
String
No
The unit for the `traffic_limit_arg` parameter. Supported units are `m` (MByte/s) and `k` (KByte/s). For example, if this parameter is set to `m` and a request URL contains `rate=1`, the actual rate limit is 1 MByte/s.
The minimum value is `100k`. Values less than `100k` are processed as `100k`.
m
ali_limit_start_hour
Integer
No
The start time for rate limiting. The value must be an integer from 0 to 24 and must be less than the end time. The default value is 0.
NoteThis represents an hour on a 24-hour clock. For example, `0` represents 00:00:00 and `24` represents 24:00:00.
20
ali_limit_end_hour
Integer
No
The end time for rate limiting. The value must be an integer from 0 to 24 and must be greater than the start time. The default value is 24.
23
Configuration example 1: Sets the rate limit for a single request to 1 MB/s.
{ "Functions": [{ "functionArgs": [{ "argName": "ali_limit_rate", "argValue": "1m" }], "functionName": "limit_rate" }], "DomainNames": "example.com" }Configuration example 2: The default rate limit for a single request is 1 MB/s. If the request URL contains the `rate` parameter, the rate is limited based on the value of that parameter. For example, if a request contains `rate=200`, the actual rate limit becomes 200 KB/s.
{ "Functions": [{ "functionArgs": [{ "argName": "ali_limit_rate", "argValue": "1m" },{ "argName": "traffic_limit_arg", "argValue": "rate" },{ "argName": "traffic_limit_unit", "argValue": "k" }], "functionName": "limit_rate" }], "DomainNames": "example.com" }
WebSocket
websocket
Description: Configures WebSocket. For more information, see Configure WebSocket.
Function ID (FunctionID/FuncId): 144.
Parameter descriptions:
Parameter
Type
Required
Description
Example value
enabled
String
Yes
Specifies whether to enable WebSocket.
on: Enables the feature.
off: Disables the feature.
on
origin_scheme
String
No
The protocol for WebSocket origin fetch requests. Valid values:
http: WebSocket uses HTTP for origin fetch.
https: WebSocket uses HTTPS for origin fetch. The origin server must support port 443.
follow: WebSocket uses the same protocol as the client's request. The origin server must support port 443 or port 80.
NoteIf you do not set this parameter, the default value is follow.
http
heartbeat
String
No
The connection timeout.
Value range: 1 to 300
Unit: seconds
Default value: 60
60
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "enabled", "argValue": "on" }, { "argName": "origin_scheme", "argValue": "http" }, { "argName": "heartbeat", "argValue": "60" }], "functionName": "websocket" }], "DomainNames": "example.com" }
IP application acceleration
protogw
Feature description: Configures IP application acceleration. For more information, see What is IP application acceleration?.
Feature ID (FunctionID/FuncId): 163.
Parameters:
Parameter
Type
Required
Description
Example
realip
String
Yes
Specifies the protocol used to pass through the originating IP address of the client. Valid values:
off: The shutdown state.
toa: Passes through the originating IP address of the client. You must install the TOA kernel module on the origin server. No modifications to the service program are required.
pp: Passes through the originating IP address of the client. This protocol is supported by open source Nginx by default. You must ensure that other origin server software is compatible.
toa
port
String
Yes
The acceleration port.
NoteAcceleration is not supported on the following ports: 22, 123, 161 to 162, 179, 830, 2049, 2601, 2605, 3389, 5049, 7547, 8082, 8087, 8182, 8888, 9998, 15772, 15776, 15778 to 15779, 18053, 18098 to 18099, 18888, 19313, 19777, and 56667.
To add port 80 or 443, submit a ticket.
8443
mux
String
No
Specifies whether to enable multiplexing for the port. Valid values:
on: On.
off: Off.
off
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "realip", "argValue": "toa" }, { "argName": "port", "argValue": "8443" }, { "argName": "mux", "argValue": "off" }], "functionName": "protogw" }], "DomainNames": "example.com" }
EdgeScript/Edge function
edge_function
Description: Configures EdgeScript. For more information, see EdgeScript overview.
Function ID (FunctionID or FuncId): 180.
Parameter description:
Parameter
Type
Required
Description
Example
rule
String
Yes
The DSL rule.
if eq($uri, '/') {\n rewrite('https://example.com/index.html', 'redirect')\n}
pri
Integer
Yes
The priority. Valid values: [0, 999]. A smaller value indicates a higher priority.
NoteThe priorities for header execution and footer execution are independent of each other.
0
enable
String
Yes
Specifies whether to enable the rule. Valid values:
on: The rule is enabled.
off: The rule is disabled.
on
name
String
Yes
The rule name. Only letters and underscores (_) are supported.
test
pos
String
No
The position where the rule is executed. Valid values:
head (default): The rule is executed at the beginning of the request processing flow.
foot: The rule is executed at the end of the request processing flow.
head
brk
String
No
Specifies whether to break the execution. Valid values:
on: If this rule is hit, the remaining rules at the current execution position are skipped.
off (default): If this rule is hit, the remaining rules are still executed.
off
option
String
No
The extension field.
empty
grammar
String
No
The rule syntax. Valid values: es2 (default) and js.
/
jsmode
String
No
The JavaScript (JS) execution mode. Valid values:
redirect: Block Mode.
bypass (default): Bypass mode.
/
Configuration example:
{ "Functions": [{ "functionArgs": [{ "argName": "name", "argValue": "test" }, { "argName": "rule", "argValue": "if eq($uri, '/') {\n rewrite('https://example.com/index.html', 'redirect')\n}" }, { "argName": "pri", "argValue": "0" }, { "argName": "pos", "argValue": "head" }, { "argName": "enable", "argValue": "on" }, { "argName": "brk", "argValue": "off" }, { "argName": "option", "argValue": "" }], "functionName": "edge_function" }], "DomainName": "example.com" }
EdgeRoutine
edgeroutine
Description: Configures EdgeRoutine. For more information, see What is an edge function?.
Feature ID (FunctionID/FuncId): 275.
This feature is available only upon request. To use this feature, you must or submit a ticket.
Rules engine
condition
Feature description: The rules engine lets you configure various conditional rules. Conditional rules detect parameters in user requests to determine whether a configuration applies to a specific request. You can use these rules for more flexible and precise control over how DCDN configuration policies are executed.
Feature ID (FunctionID/FuncId): 250.
Parameter description:
Parameter
Type
Required
Description
Example value
rule
Array
Yes
The content of the conditional rule, including its name, status, logical operator, and conditional expression.
Rule content:
{\"match\":{\"logic\":\"and\",\"criteria\":[{\"matchType\":\"clientipVer\",\"matchObject\":\"CONNECTING_IP\",\"matchOperator\":\"equals\",\"matchValue\":\"v6\",\"negate\":false}]},\"name\":\"example\",\"status\":\"enable\"}Result:
Rule name: example
Status: enable
Logical operator: and
Conditional expression: The protocol version of the client's connecting IP address is v6.
The following table describes the format of the conditional expression, which is the format for `argValue`:
Parameter
Description
"match":
`match` specifies a conditional match expression.
"logic":"and"
`logic` specifies the logical operator for the conditional match expression. Valid values are `and` and `or`.
"criteria"
`criteria` specifies the content of the conditional expression.
"matchType":"clientipVer"
`matchType` specifies the type of information in the user request to match.
"matchObject":"CONNECTING_IP"
`matchObject` further specifies the match type. For example, a client IP address can be specified as a connecting IP address or an X-Forwarded-For (XFF) IP address.
"matchOperator":"equals"
`matchOperator` specifies the action for the match operation.
"matchValue":"v6"
`matchValue` specifies the preset value to match against the information in the user request.
"negate":false
`negate` specifies whether to negate the result of the conditional expression. Valid values are `true` and `false`.
"name":"example"
`name` specifies the name of the conditional rule.
"status":"enable"
`status` specifies the status of the conditional rule.
Configuration example:
The following example shows how to use OpenAPI to add a rules engine configuration for the accelerated domain name
example.com. This configuration matches and filters requests based on whether the client IP protocol version is IPv6.{ "Functions": [{ "functionArgs": [{ "argName": "rule", "argValue": "{\"match\":{\"logic\":\"and\",\"criteria\":[{\"matchType\":\"clientipVer\",\"matchObject\":\"CONNECTING_IP\",\"matchOperator\":\"equals\",\"matchValue\":\"v6\",\"negate\":false}]},\"name\":\"example\",\"status\":\"enable\"}" }], "functionName": "condition" }], "DomainNames": "example.com" }After you create a rules engine configuration, you can associate it with other feature configurations. This provides more flexible and precise control over how DCDN configuration policies are executed.
Notes:
To reference a rules engine configuration from another feature, set the `parentid` parameter to the `configid` of the conditional rule. The `configid` is generated when you add the rules engine configuration.
The `parentid` parameter is not supported when the function is `condition` (rules engine).
QUIC
iquic
Description: Configures the QUIC protocol. For more information, see What is QUIC?.
Function ID: 281.
Parameters:
Parameter
Type
Required
Description
Example value
iquic_enable
String
Yes
Specifies whether to enable the QUIC protocol:
on: Enable
off: Disable
onConfiguration example
{ "Functions": [{ "functionArgs": [{ "argName": "iquic_enable", "argValue": "on" }], "functionName": "iquic" }], "DomainNames": "example.com" }