Edge Acceleration
  • Site Acceleration
    • Overview
    • Quickly Import and Export Site Configuration
    • Access Control
      • Token Authentication
      • Authentication Method A
      • Authentication Method B
      • Authentication Method C
      • Authentication Method D
      • Authentication Method V
    • Smart Acceleration
    • File Optimization
      • Smart Compression
    • Network Optimization
      • HTTP/2
      • HTTP/3(QUIC)
        • Overview
        • Enable HTTP/3
        • QUIC SDK
          • SDK Overview
          • SDK Download and Integration
          • Sample Code
            • Android
            • iOS
          • API Documentation
            • Android
            • iOS
      • IPv6 Access
      • Maximum Upload Size
      • WebSocket
      • Client IP Geolocation Header
      • Client IP Geographical Location
      • gRPC
    • URL Rewrite
      • Access URL Redirection
      • Origin-Pull URL Rewrite
    • Modifying Header
      • Modifying HTTP Response Headers
      • Modifying HTTP Request Headers
    • Custom Error Page
    • Request and Response Actions
      • HTTP Response
      • Processing order
      • Default HTTP Headers of Origin-Pull Requests
      • Default HTTP Response Headers
      • HTTP Restrictions
    • Media Services
      • Audio and Video Pre-pulling
      • Just-in-Time Image Processing
      • Just-in-Time Media Processing
      • VOD Media Origin
  • L4 Proxy
    • Overview
    • Creating an L4 Proxy Instance
    • Modifying an L4 Proxy Instance
    • Disabling or Deleting an L4 Proxy Instance
    • Batch Configuring Forwarding Rules
    • Obtaining Real Client IPs
      • Obtaining Real TCP Client IPs via TOA
      • Obtaining Real Client IPs Through Protocol V1/V2
        • Overview
        • Method 1: Obtaining Real Client IPs Through Nginx
        • Method 2: Parsing Real Client IPs on Application Server
        • Format of Real Client IPs Obtained Through Proxy Protocol V1/V2
      • Transmitting Client Real IP via SPP Protocol
  • Edge DNS
    • Overview
    • Hosting DNS Records
      • Modifying DNS Servers
      • Configuring DNS Records
      • Batch Importing DNS Records
      • Advanced DNS Configuration
      • Enumeration of Resolution Lines and Corresponding Codes
    • Domain Connection
      • Adding A Domain Name for Acceleration
      • Ownership Verification
      • Modifying CNAME Records
      • Verify Business Access
    • Domain alias
      • Overview
      • Configuration Guide
      • Batch Connecting SaaS Domain Names
      • Configuring Alias Domain Names for Disaster Recovery
    • Traffic Scheduling
      • Traffic Scheduling Management
    • Origin Configuration
      • Origin-pull configuration
        • Origin-Pull Timeout
        • Configuring Origin-Pull HTTPS
        • Host Header Rewrite
        • Controlling Origin-pull Requests
        • Redirect Following During Origin-Pull
        • HTTP/2 Origin-Pull
        • Range GETs
      • Load Balancing
        • Overview
        • Quickly Create Load Balancers
        • Health Check Policies
        • Viewing the Health Status of Origin Server
        • Related References
          • Load Balancing-Related Concepts
          • Introduction to Request Retry Strategy
      • Origin Group Configuration
      • Related References
        • ld Version Origin Group Compatible Related Issues
      • Collect EdgeOne origin-pull node IP
  • Edge Cache
    • Overview
    • EdgeOne Cache Rules
      • Content Cache Rules
      • Cache Key Introduction
      • Vary Feature
    • Cache Configuration
      • Custom Cache Key
      • Node Cache TTL
      • Status Code Cache TTL
      • Browser Cache TTL
      • Offline Caching
      • Cache Prefresh
    • Clear and Preheat Cach
      • Cache Purge
      • URL Pre-Warming
    • How to improve the Cache Hit Rate of EdgeOne
  • Rules Engine
    • Overview
    • Supported Matching Types and Actions
    • Rule Management
    • variables

Authentication Method C

Format of Authentication URL

http://Hostname/md5hash/timestamp/Filename

Parameter Description

Field
Description
Hostname
Site acceleration domain name.
Path
Resource access path, which must start with / during authentication.
timestamp
A Unix timestamp in the hexadecimal format (the total number of seconds that have passed since 00:00:00, January 1, 1970 regardless of the time zone)
md5hash
A string containing 32 characters calculated based on the MD5 algorithm:
Algorithm: MD5 (key + Path + timestamp). Note: During calculation, the hexadecimal number identifier 0x of the hexadecimal timestamp must be filtered out.
Authentication logic: If the request has not expired, the node will compare this string value with the md5hash value carried in the request URL. If the values are the same, the request will pass the authentication, and a response will be made to the request; if the values are different, the authentication will fail, and 403 will be returned.

Configuration Example

Assuming authentication method C is used for the requested URL https://www.example.com/foo.jpg, the configuration is as follows:


Getting Authentication Parameters

Path: /foo.jpg.
timestamp: The time when the server generates the authentication URL is 15:43:06, July 15, 2024 (UTC+8), the hexadecimal (Unix timestamp) value of which is 6694d30a.
Key: DvYmqE81E1F9R791H6lmht.
md5hash: MD5 (key + Path + timestamp) = MD5 (DvYmqE81E1F9R791H6lmht/foo.jpg6694d30a) = 6688749e8906a726c12fe1be3aacd016.

Authentication URL Generated by a Client Request

https://www.example.com/6688749e8906a726c12fe1be3aacd016/6694d30a/foo.jpg.

Node Authentication

When the node server receives a client request via the encrypted URL, it will parse the timestamp parameter in the URL, and compare the sum of it and the configured validity period of ''1 second'' with the current time:
1. If the current time is after the ''timestamp + validity period'' time, it indicates that the request has expired, and 403 will be returned directly. If the current time is before the ''timestamp + validity period'' time, it indicates that the request has not expired, and the node server will go to step 2.
2. The node server calculates the md5hash value based on the obtained authentication parameters and compares it with the md5hash value carried in the request URL. If the values are the same, the request will pass the authentication, and a response will be made to the request; if the values are different, the authentication will fail, and 403 will be returned.