Headers

PreviousCaching NextImage Optimization & WebP

Last updated 4 months ago

Was this helpful?

HTTP Strict Transport Security (HSTS) Protection

put

This setting is available in small, large and dynamic(aksela) resource types.

Path parameters

organization_uuidstringRequired

UUID of the organization

resource_uuidstringRequired

UUID of the resource

Body

status_hsts_protectionbooleanRequired

Enable or disable HTTP Strict Transport Security (HSTS) protection for the resource.

Example: true

max_age_timestringRequired

Maximum time in seconds for which the HSTS protection is applied.

Example: 7776000

include_sub_domainsbooleanRequired

Whether to include subdomains for the HSTS protection.

Example: true

preloadbooleanRequired

Whether to include the resource in the preload list for HSTS.

Example: true

Responses

200

Successfully updated HSTS protection settings for the resource.

application/json

put

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid} HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 98

{
  "status_hsts_protection": true,
  "max_age_time": "7776000",
  "include_sub_domains": true,
  "preload": true
}

200

Successfully updated HSTS protection settings for the resource.

{
  "status": true,
  "data": {}
}

CORS Header

put

This setting is available in small, large, VOD and streaming resource types.

Path parameters

organization_uuidstringRequired

UUID of the organization

resource_uuidstringRequired

UUID of the resource

Body

status_cors_headerstring · enumRequired

Enable or disable CORS headers.

Example: onPossible values:

cors_domainsstring · uri[]Optional

List of domains for CORS.

Example: ["domain1.com","domain2.com"]

Responses

200

Successfully updated the CORS header settings for the resource.

application/json

put

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid} HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 72

{
  "status_cors_header": "on",
  "cors_domains": [
    "domain1.com",
    "domain2.com"
  ]
}

200

Successfully updated the CORS header settings for the resource.

{
  "status": true,
  "data": {}
}

Origin Host Header

put

This setting is available for all resource types.

Path parameters

organization_uuidstringRequired

UUID of the organization

resource_uuidstringRequired

UUID of the resource

Body

Responses

200

Successfully updated Origin Host Header for the resource.

application/json

put

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid} HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 68

{
  "origin_host_header": {
    "status": true,
    "header": "domain.example.com"
  }
}

200

Successfully updated Origin Host Header for the resource.

{
  "status": true,
  "data": {}
}

X-CDN Header

put

This setting is available for all resource types.

Path parameters

organization_uuidstringRequired

UUID of the organization

resource_uuidstringRequired

UUID of the resource

Body

status_x_cdn_headerbooleanRequired

Enable or disable the X-CDN header for the resource.

Example: true

x_cdn_headerstringRequired

The name of the X-CDN header.

Example: test.header

Responses

200

Successfully updated X-CDN header for the resource.

application/json

put

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid} HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 57

{
  "status_x_cdn_header": true,
  "x_cdn_header": "test.header"
}

200

Successfully updated X-CDN header for the resource.

{
  "status": true,
  "data": {}
}

X-Frame Options

put

This setting is available in small, large and dynamic(aksela) resource types.

Path parameters

organization_uuidstringRequired

UUID of the organization

resource_uuidstringRequired

UUID of the resource

Body

status_x_framebooleanRequired

Enable or disable X-Frame Options for the resource.

Example: true

trusted_domainsstring[]Required

Trusted domains for X-Frame Options.

Example: domain1.com

Responses

200

Successfully updated X-Frame Options settings for the resource.

application/json

put

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid} HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 85

{
  "status_x_frame": true,
  "trusted_domains": [
    "domain1.com",
    "domain2.com",
    "domain3.com"
  ]
}

200

Successfully updated X-Frame Options settings for the resource.

{
  "status": true,
  "data": {}
}

X-XSS Protection

put

This setting is available in small, large and dynamic(aksela) resource types.

Path parameters

organization_uuidstringRequired

UUID of the organization

resource_uuidstringRequired

UUID of the resource

Body

status_x_xss_protectionbooleanRequired

Enable or disable X-XSS Protection for the resource.

Example: true

Responses

200

Successfully updated X-XSS Protection settings for the resource.

application/json

put

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid} HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 32

{
  "status_x_xss_protection": true
}

200

Successfully updated X-XSS Protection settings for the resource.

{
  "status": true,
  "data": {}
}

X-Content Type Options

put

This setting is available in small, large and dynamic(aksela) resource types.

Path parameters

organization_uuidstringRequired

UUID of the organization

resource_uuidstringRequired

UUID of the resource

Body

status_x_content_typebooleanRequired

Enable or disable X-Content Type Options for the resource.

Example: true

Responses

200

Successfully updated X-Content Type Options settings for the resource.

application/json

put

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid} HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 30

{
  "status_x_content_type": true
}

200

Successfully updated X-Content Type Options settings for the resource.

{
  "status": true,
  "data": {}
}

Custom Headers

put

This setting is available for all resource types.

Path parameters

organization_uuidstringRequired

UUID of the organization

resource_uuidstringRequired

UUID of the resource

Body

status_custom_headersbooleanRequired

Enable or disable custom headers for the resource.

Example: true

Responses

200

Successfully updated custom headers for the resource.

application/json

put

PUT /api/v1/cdn/{organization_uuid}/resource/{resource_uuid} HTTP/1.1
Host: cloud.medianova.com
Content-Type: application/json
Accept: */*
Content-Length: 193

{
  "status_custom_headers": true,
  "custom_headers": [
    {
      "type": "request_header",
      "key": "Key1",
      "value": "Value1"
    },
    {
      "type": "add_header",
      "key": "Key2",
      "value": "Value2"
    },
    {
      "type": "hide_header",
      "key": "Key3"
    }
  ]
}

200

Successfully updated custom headers for the resource.

{
  "status": true,
  "data": {}
}