Headers

PreviousCaching NextImage Optimization & WebP

Last updated 2 months ago

Was this helpful?

HTTP Strict Transport Security (HSTS) Protection

This setting is available in small, large and dynamic(aksela) resource types.

put

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

Path parameters

organization_uuidstringrequired

UUID of the organization

resource_uuidstringrequired

UUID of the resource

Body

status_hsts_protectionbooleanrequired

Enable or disable HTTP Strict Transport Security (HSTS) protection for the resource.

Example: true

max_age_timestringrequired

Maximum time in seconds for which the HSTS protection is applied.

Example: 7776000

include_sub_domainsbooleanrequired

Whether to include subdomains for the HSTS protection.

Example: true

preloadbooleanrequired

Whether to include the resource in the preload list for HSTS.

Example: true

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url 'https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}' \
  --header 'Content-Type: application/json' \
  --data '{
    "status_hsts_protection": true,
    "max_age_time": "7776000",
    "include_sub_domains": true,
    "preload": true
  }'

200

{
  "status": true,
  "data": {}
}

Successfully updated HSTS protection settings for the resource.

X-CDN Header

This setting is available for all resource types.

put

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

Path parameters

organization_uuidstringrequired

UUID of the organization

resource_uuidstringrequired

UUID of the resource

Body

status_x_cdn_headerbooleanrequired

Enable or disable the X-CDN header for the resource.

Example: true

x_cdn_headerstringrequired

The name of the X-CDN header.

Example: test.header

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url 'https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}' \
  --header 'Content-Type: application/json' \
  --data '{
    "status_x_cdn_header": true,
    "x_cdn_header": "test.header"
  }'

200

{
  "status": true,
  "data": {}
}

Successfully updated X-CDN header for the resource.

X-Frame Options

This setting is available in small, large and dynamic(aksela) resource types.

put

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

Path parameters

organization_uuidstringrequired

UUID of the organization

resource_uuidstringrequired

UUID of the resource

Body

status_x_framebooleanrequired

Enable or disable X-Frame Options for the resource.

Example: true

trusted_domainsstring[]required

List of domains trusted for embedding the resource in frames.

Example: domain1.com

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url 'https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}' \
  --header 'Content-Type: application/json' \
  --data '{
    "status_x_frame": true,
    "trusted_domains": [
      "domain1.com",
      "domain2.com",
      "domain3.com"
    ]
  }'

200

{
  "status": true,
  "data": {}
}

Successfully updated X-Frame Options settings for the resource.

Origin Host Header

This setting is available for all resource types.

put

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

Path parameters

organization_uuidstringrequired

UUID of the organization

resource_uuidstringrequired

UUID of the resource

Body

origin_host_headerobjectrequired

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url 'https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}' \
  --header 'Content-Type: application/json' \
  --data '{
    "origin_host_header": {
      "status": true,
      "header": "domain.example.com"
    }
  }'

200

{
  "status": true,
  "data": {}
}

Successfully updated Origin Host Header for the resource.

CORS Header

This setting is available in small, large, VOD and streaming resource types.

put

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

Path parameters

organization_uuidstringrequired

UUID of the organization

resource_uuidstringrequired

UUID of the resource

Body

status_cors_headerstring · enumrequired

Enable or disable CORS headers.

Example: on

Options: on, off

cors_domainsstring · uri[]

List of domains allowed for CORS.

Example: ["domain1.com","domain2.com"]

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url 'https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}' \
  --header 'Content-Type: application/json' \
  --data '{
    "status_cors_header": "on",
    "cors_domains": [
      "domain1.com",
      "domain2.com"
    ]
  }'

200

{
  "status": true,
  "data": {}
}

Successfully updated the CORS header settings for the resource.

Custom Headers

This setting is available for all resource types.

put

/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}

Path parameters

organization_uuidstringrequired

UUID of the organization

resource_uuidstringrequired

UUID of the resource

Body

status_custom_headersbooleanrequired

Enable or disable custom headers for the resource.

Example: true

custom_headersobject[]required

List of custom headers to set for the resource.

Example: {"type":"request_header","key":"Key1","value":"Value1"}

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url 'https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}' \
  --header 'Content-Type: application/json' \
  --data '{
    "status_custom_headers": true,
    "custom_headers": [
      {
        "type": "request_header",
        "key": "Key1",
        "value": "Value1"
      },
      {
        "type": "add_header",
        "key": "Key2",
        "value": "Value2"
      },
      {
        "type": "hide_header",
        "key": "Key3"
      }
    ]
  }'

200

{
  "status": true,
  "data": {}
}

Successfully updated custom headers for the resource.

curl -L \
  --request PUT \
  --url 'https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}' \
  --header 'Content-Type: application/json' \
  --data '{
    "status_x_xss_protection": true
  }'

curl -L \
  --request PUT \
  --url 'https://cloud.medianova.com/api/v1/cdn/{organization_uuid}/resource/{resource_uuid}' \
  --header 'Content-Type: application/json' \
  --data '{
    "status_x_content_type": true
  }'

Headers

Headers

HTTP Strict Transport Security (HSTS) Protection

X-CDN Header

X-Frame Options

Origin Host Header

CORS Header

Custom Headers

X-XSS Protection

X-Content Type Options

HTTP Strict Transport Security (HSTS) Protection

X-CDN Header

X-Frame Options

Origin Host Header

Show child attributes

CORS Header

Custom Headers

Show child attributes

X-XSS Protection

X-Content Type Options