Feature Overview

HTTP response headers are a component of the header section in HTTP response messages. HTTP response headers carry and bring specific response header parameters to clients. After you customize an HTTP response header, the response message returned by the AccessOne EdgeTrans carries the customized header configured, to implement a specific feature when a user requests a resource on an accelerated domain. CORS is also known as cross-origin access, which is a standard cross-origin solution provided by HTML5. CORS allows web application servers to perform cross-origin access control and ensure secure cross-origin data transmission. When cross-origin resource sharing or access is required in your business, you can configure custom HTTP response headers.

Before You Begin

You have added a service domain name. If you have not added it, see Adding a Service Domain Name.

Procedure

1. Log in to AOne, and select Access Control > Domain Name Access > Basic Configurations, and select the domain name to be configured in the list of domain names.

2. On domain name configuration details page, select Header Modification > HTTP Response Header.

3. Click Edit Configuration and then Add Rule.

4. Enter the parameter name of the HTTP response header in the Parameter field. The parameter name can only contain uppercase letters, lowercase letters, numbers, underscores, and hyphens. Enter a value in the Value field. Chinese characters are not supported. If you leave this field empty, the system deletes the corresponding response header.

5. Click Save.

Cautions

• If CORS response headers are configured both on your origin server and in the Console, the configuration in the Console overwrites the configuration on the origin server.

• It always returns Access-Control-Allow-Origin and the corresponding value for a user request after the CORS response header is configured, regardless of whether the Origin parameter is included in the request header and the value of the Origin request header.