Release Notes and Announcements
- Release Notes
- Security Announcement
  - Protection against DDoS attacks targeting HTTP/2 protocol vulnerabilities
- Announcements
  - EdgeOne Console Upgrade Instructions
  - 【Tencent Cloud EdgeOne】Cloud API Change Notification
Product Introduction
- Overview
- Strengths
- Use Cases
Purchase Guide
- Billing Overview
- Basic Service Fees
  - Plan Fees
  - Fees for Out-of-plan Resource Usage (Pay-as-You-Go)
- Value-added Service Fees
- Related Tencent Cloud Services
- Extra Package Description (Prepaid)
- Subscriptions
  - Purchase Guide
  - Extra Package Purchase Guide
- Renewals
  - Renewal Guide
  - Extra Package Auto-renewed Guide
- Overdue and Expiration Policies
- Refund Policy
- Usage Cap Policy
- EdgeOne Plan Upgrade Guide
- Comparison of EdgeOne Plans
- Billing Usage
- About "clean traffic" billing instructions
Getting Started
- Quick Start
- Quick access to L4 proxy service
Domain Service
- Hosting DNS Records
- Domain Connection
- HTTPS Certificate
  - Overview
  - Deploying/Updating SSL Certificate for A Domain Name
  - Configuring A Free Certificate for A Domain Name
  - HTTPS Configuration
    - Forced HTTPS Access
    - Enabling HSTS
    - SSL/TLS Security Configuration
      - Configuring SSL/TLS Security
      - TLS Versions and Cipher Suites
    - Enabling OCSP Stapling
- Domain alias
- Traffic Scheduling
  - Traffic Scheduling Management
Site Acceleration
- Overview
- Access Control
  - Token Authentication
- Smart Acceleration
- Cache Configuration
  - Overview
  - EdgeOne Cache Rules
  - Cache Configuration
  - Clear and Preheat Cach
    - Cache Purge
    - URL Pre-Warming
  - How to improve the Cache Hit Rate of EdgeOne
- File Optimization
  - Smart Compression
- Media processing
  - Image Processing
- Network Optimization
  - HTTP/2
  - HTTP/3(QUIC)
    - Overview
    - Enable HTTP/3
    - QUIC SDK
      - SDK Overview
      - SDK Download and Integration
      - Sample Code
        Android
        iOS
      - API Documentation
        Android
        iOS
  - IPv6 Access
  - Maximum Upload Size
  - WebSocket
  - Client IP Geolocation Header
  - Client IP Geographical Location
  - gRPC
- URL Rewrite
  - Access URL Redirection
  - Origin-Pull URL Rewrite
- Modifying Header
  - Modifying HTTP Response Headers
  - Modifying HTTP Request Headers
- Custom Error Page
- Request and Response Actions
Origin Configuration
- Load Balancing
- Origin Group Configuration
- Origin-pull configuration
- Related References
  - ld Version Origin Group Compatible Related Issues
  - VOD Origin Server Details
- Collect EdgeOne origin-pull node IP
Edge Functions
- Overview
- Getting Started
- Operation Guide
  - Function Management
  - Function Trigger
- Runtime APIs
- Sample Functions
- Best Practices
  - Adaptive Image Format Conversion via Edge Functions
Security Protection
- Overview
- DDoS Protection
  - DDoS Protection Overview
  - Exclusive DDoS Protection Usage
  - Configuration of Exclusive DDoS protection Rules
- Web Protection
- Bot Management
  - Overview
  - Bot Intelligent analysis
  - Bot Basic Feature Management
  - Client Reputation
  - Active Detection
  - Custom Bot Rule
  - Bot Exception Rule
  - Related References
    - Action
- Rules Template
- IP and IP Segment Grouping
- Origin Protection
- Custom Response Page
- Alarm Notification
Rule Engine
- Overview
- Supported Matching Types and Actions
- Rule Management
- variables
L4 Proxy
- Overview
- Creating an L4 Proxy Instance
- Modifying an L4 Proxy Instance
- Disabling or Deleting an L4 Proxy Instance
- Batch Configuring Forwarding Rules
- Obtaining Real Client IPs
  - Obtaining Real TCP Client IPs via TOA
  - Obtaining Real Client IPs Through Protocol V1/V2
Data Analysis&Log Service
- Log Service
  - Overview
  - Real-time Logs
  - Offline Logs
  - Related References
    - Field description
      - L7 Access Logs
      - L4 Proxy Logs
    - Real-Time Log Push Filter Conditions
    - Custom Log Push Fields
- Data Analysis
  - Overview
  - Traffic Analysis
  - Cache Analysis
  - Security Analysis
    - Site Security Overview
    - Web Security Analysis
  - L4 Proxy
  - DNS Resolution
  - Related References
- Analytics
Tool Guide
- Diagnostic Tool
  - Self-service debugging
- Speed Test Tools
  - Real User Monitoring
- Terraform
- IP Location Query
Practical Tutorial
- EdgeOne initiates Automatic Warm-up
- Cross-regional Secure Acceleration (Oversea Sites)
- Scheduling Traffic to EdgeOne by Performing Canary Switching
- Through traffic orchestration to multiple service providers
API Documentation
- History
- Introduction
- API Category
- Making API Requests
  - Request Structure
  - Common Params
  - Signature v3
  - Signature
  - Responses
- Site APIs
  - CreateZone
  - DescribeIdentifications
  - ModifyZone
  - DeleteZone
  - ModifyZoneStatus
  - CheckCnameStatus
  - IdentifyZone
  - DescribeZones
  - VerifyOwnership
- Acceleration Domain Management APIs
  - CreateAccelerationDomain
  - DescribeAccelerationDomains
  - ModifyAccelerationDomain
  - ModifyAccelerationDomainStatuses
  - DeleteAccelerationDomains
  - CreateSharedCNAME
  - BindSharedCNAME
  - DeleteSharedCNAME
- Site Acceleration Configuration APIs
  - CreateRule
  - DeleteRules
  - DescribeHostsSetting
  - DescribeRules
  - DescribeRulesSetting
  - DescribeZoneSetting
  - ModifyRule
  - ModifyZoneSetting
- Alias Domain APIs
  - CreateAliasDomain
  - DescribeAliasDomains
  - ModifyAliasDomain
  - ModifyAliasDomainStatus
  - DeleteAliasDomain
- Security Configuration APIs
  - CreateSecurityIPGroup
  - DescribeSecurityIPGroup
  - ModifySecurityIPGroup
  - DeleteSecurityIPGroup
  - DescribeOriginProtection
  - DescribeSecurityTemplateBindings
  - ModifySecurityPolicy
  - BindSecurityTemplateToEntity
  - DescribeSecurityIPGroupInfo
- Layer 4 Application Proxy APIs
  - CreateL4Proxy
  - ModifyL4Proxy
  - ModifyL4ProxyStatus
  - DescribeL4Proxy
  - DeleteL4Proxy
  - CreateL4ProxyRules
  - ModifyL4ProxyRules
  - ModifyL4ProxyRulesStatus
  - DescribeL4ProxyRules
  - DeleteL4ProxyRules
  - CreateApplicationProxy
  - ModifyApplicationProxy
  - ModifyApplicationProxyStatus
  - DescribeApplicationProxies
  - DeleteApplicationProxy
  - CreateApplicationProxyRule
  - ModifyApplicationProxyRule
  - ModifyApplicationProxyRuleStatus
  - DeleteApplicationProxyRule
- Content Management APIs
  - CreatePurgeTask
  - DescribePurgeTasks
  - CreatePrefetchTask
  - DescribePrefetchTasks
  - DescribeContentQuota
- Data Analysis APIs
  - DescribeDDoSAttackData
  - DescribeDDoSAttackEvent
  - DescribeDDoSAttackTopData
  - DescribeOverviewL7Data
  - DescribeTimingL4Data
  - DescribeTimingL7AnalysisData
  - DescribeTopL7AnalysisData
  - DescribeTimingL7CacheData
  - DescribeTopL7CacheData
- Log Service APIs
  - DownloadL7Logs
  - DownloadL4Logs
  - CreateCLSIndex
  - CreateRealtimeLogDeliveryTask
  - ModifyRealtimeLogDeliveryTask
  - DeleteRealtimeLogDeliveryTask
  - DescribeRealtimeLogDeliveryTasks
- Billing APIs
  - CreatePlan
  - UpgradePlan
  - RenewPlan
  - ModifyPlan
  - IncreasePlanQuota
  - DestroyPlan
  - CreatePlanForZone
  - BindZoneToPlan
  - DescribeBillingData
  - DescribeAvailablePlans
- Certificate APIs
  - DescribeDefaultCertificates
  - ModifyHostsCertificate
- Load Balancing APIs
  - CreateOriginGroup
  - ModifyOriginGroup
  - DeleteOriginGroup
  - DescribeOriginGroup
- Custom Response Page APIs
  - CreateCustomizeErrorPage
  - DescribeCustomErrorPages
  - ModifyCustomErrorPage
  - DeleteCustomErrorPage
- Diagnostic Tool APIs
  - DescribeIPRegion
- Version Management APIs
  - CreateConfigGroupVersion
  - DeployConfigGroupVersion
  - DescribeConfigGroupVersionDetail
  - DescribeConfigGroupVersions
  - DescribeDeployHistory
  - DescribeEnvironments
- Data Types
- Error Codes
FAQs
- Reference for Abnormal Status Codes
- Product Features FAQs
- Domain Service FAQs
- Site Acceleration FAQs
- Data and Log FAQs
- Security Protection-related Queries
Agreements
- Service Level Agreement
TEO Policy
- Privacy Policy
- Data Processing And Security Agreement
Contact Us
Glossary

HMAC Digital Signature

Hash-based Message Authentication Code (HMAC) is a kind of message authentication code based on hash function, mainly used to verify data integrity and identity authentication. Web Crypto API is used in this example to achieve HMAC-SHA256 signature and store the signature information in a request header. It achieves data integrity or identity authentication collaborating with origin server. Developers can modify the code based on their specific needs.   
Note
Cooperation with the origin server is required in this example, which means that the origin server must possess the corresponding signature verification algorithm.
For live network use of the code provided in this example, modification must be made in accordance with the comments.
Sample code                  
function uint8ArrayToHex(uint8Array) {
  return Array.prototype.map.call(uint8Array, x => ('0' + x.toString(16)).slice(-2)).join('');
}
﻿
async function generateHmac({ secretKey, message, hash }) {
  const encoder = new TextEncoder();
  const secretKeyBytes = encoder.encode(secretKey);
  const messageBytes = encoder.encode(message);

  const key = await crypto.subtle.importKey('raw', secretKeyBytes, { name: 'HMAC', hash }, false, ['sign']);
﻿
  const signature = await crypto.subtle.sign('HMAC', key, messageBytes);
  const signatureArray = new Uint8Array(signature);
  return uint8ArrayToHex(signatureArray);
}
﻿
async function handleRequest(request) {
  const secretKey = 'YOUR_SECRET_KEY';
  // Please modify the message to the information that needs to be signed, generally a combination of various data, such as timestamp and relevant request information.
  const message = 'YOUR_MESSAGE';

  // Choose one from SHA-1, SHA-256, SHA-384, and SHA-512 for hash.
  const hmac = await generateHmac({ secretKey, message, hash: 'SHA-256' });
  request.headers.set('Authorization', `HMAC-SHA256 ${hmac}`);
﻿
  return fetch(request);
}

addEventListener('fetch', event => {
  event.passThroughOnException();
  event.respondWith(handleRequest(event.request));
});
﻿
Sample Preview
Enter a URL (such as https://example.com/hmac) that matches the trigger rule of edge function in the address bar of a browser on both the PC and mobile terminal to preview the example effect.
Identity verification failed.
﻿
Identity verification succeeded.
﻿
Related References
﻿Runtime APIs: Fetch﻿
﻿Runtime APIs: Web Crypto﻿
﻿Runtime APIs: Headers﻿
﻿Runtime APIs: Response﻿