• compressMobile (boolean): When enabled, adapts images served over cellular mobile networks. (Option Previously Named: do_aic_mobile.)

• compressStandard (boolean): When enabled, adapts images served over non-cellular networks. (Option Previously Named: do_aic_nonmobile.)

• tier1StandardCompressionMethod (enum string): Specifies tier–1 non-cellular network behavior, either COMPRESS, STRIP, or BYPASS. (Option Previously Named: standard_comp_t1_method. Capitalized enum values.)

• tier1StandardCompressionValue (number within 0–100 range): With tier1StandardCompressionMethod set to COMPRESS, this specifies the compression percentage. (Option Previously Named: standard_comp_t1_slider.)

• tier2StandardCompressionMethod (enum string): Specifies tier–2 non-cellular network behavior, either COMPRESS, STRIP, or BYPASS. (Option Previously Named: standard_comp_t2_method. Capitalized enum values.)

• tier2StandardCompressionValue (number within 0–100 range): With tier2StandardCompressionMethod set to COMPRESS, this specifies the compression percentage. (Option Previously Named: standard_comp_t2_slider.)

• tier3StandardCompressionMethod (enum string): Specifies tier–5 non-cellular network behavior, either COMPRESS, STRIP, or BYPASS. (Option Previously Named: standard_comp_t5_method. Capitalized enum values.)

• tier3StandardCompressionValue (number within 0–100 range): With tier3StandardCompressionMethod set to COMPRESS, this specifies the compression percentage. (Option Previously Named: standard_comp_t5_slider.)

• tier1MobileCompressionMethod (enum string): Specifies tier–1 behavior, either COMPRESS, STRIP, or BYPASS. (Option Previously Named: mobile_comp_t1_method. Capitalized enum values.)

• tier1MobileCompressionValue (number within 0–100 range): With tier1MobileCompressionMethod set to COMPRESS, this specifies the compression percentage. (Option Previously Named: mobile_comp_t1_slider.)

• tier2MobileCompressionMethod (enum string): Specifies tier–2 cellular-network behavior, either COMPRESS, STRIP, or BYPASS. (Option Previously Named: mobile_comp_t2_method. Capitalized enum values.)

• tier2MobileCompressionValue (number within 0–100 range): With tier2MobileCompressionMethod set to COMPRESS, this specifies the compression percentage. (Option Previously Named: mobile_comp_t2_slider.)

• tier3MobileCompressionMethod (enum string): Specifies tier–5 cellular-network behavior, either COMPRESS, STRIP, or BYPASS. (Option Previously Named: mobile_comp_t5_method. Capitalized enum values.)

• tier3MobileCompressionValue (number within 0–100 range): With tier3MobileCompressionMethod set to COMPRESS, this specifies the compression percentage. (Option Previously Named: mobile_comp_t5_slider.)

• description (string): Human-readable description of what the XML block does.

• xml (string): Akamai XML metadata.

• enabled (boolean): Enables the Akamaizer behavior. (Option Previously Named: status. Retyped as boolean.)

• matchHostname (string): Specifies the hostname to match on as a Perl-compatible regular expression. (Option Previously Named: matchhostname.)

• replacementHostname (string): Specifies the replacement hostname for the tag to use. (Option Previously Named: replacementhostname.)

• scope (enum string): Specifies the part of HTML content the tagsAttribute refers to:

  • ATTRIBUTE for when tagsAttribute refers to a tag/attribute pair, the match only applies to the attribute.
  • URL_ATTRIBUTE is the same as ATTRIBUTE, but applies when the attribute value is a URL. In that case, it converts to an absolute URL prior to substitution.
  • BLOCK substitutes within the tag’s contents, but not within any nested tags.
  • PAGE ignores the tagsAttribute field and performs the substitution on the entire page.

  (Capitalized enum values. Changed attr enum value to ATTRIBUTE, and urlattr to URL_ATTRIBUTE.)

• tagsAttribute (enum string): Specifies the tag or tag/attribute combination to operate on, any of the following:

A
A_HREF
AREA
AREA_HREF
BASE
BASE_HREF
FORM
FORM_ACTION
IFRAME
IFRAME_SRC
IMG
IMG_SRC
LINK
LINK_HREF
SCRIPT
SCRIPT_SRC
TABLE
TABLE_BACKGROUND
TD
TD_BACKGROUND

(Option Previously Named: tags_attr. Capitalized enum values.)

• replaceAll (boolean): Replaces all matches when enabled, otherwise replaces only the first match. (Option Previously Named: behavior. Retyped as boolean.)

• includeTagsAttribute (boolean): Whether to include the tagsAttribute value. (Option Previously Named: type. Retyped as boolean.)

• enabled (boolean): Enables all HTTP requests for parent servers in the cache hierarchy. (Option Previously Named: allow. Retyped as boolean.)

• enabled (boolean): Allows you to assign custom origin definitions referenced in sub-rules by cloudletsOrigin labels. If disabled, all sub-rules are ignored.

• honorBaseDirectory (boolean): If enabled, prefixes any Cloudlet-generated origin path with a path defined by an Origin Base Path behavior. If no path is defined, it has no effect. If another Cloudlet policy already prepends the same Origin Base Path, the path is not duplicated.

• purgeOriginQueryParameter (string): When purging content from a Cloudlets Origin, this specifies a query parameter name whose value is the specific named origin to purge. Note that this only applies to content purge requests, for example when using the Fast Purge API.

• enabled (boolean): When enabled, allows DELETE requests. Content does not cache. (Option Previously Named: allow. Retyped as boolean.)

• enabled (boolean): When enabled, allows PATCH requests. Content does not cache. (Option Previously Named: allow. Retyped as boolean.)

• enabled (boolean): When enabled, allows POST requests. (Option Previously Named: allow. Retyped as boolean.)

• allowWithoutContentLength (boolean): By default, POST requests also require a Content-Length header, or they result in a 411 error. With this option enabled with no specified Content-Length, the edge server relies on a Transfer-Encoding header to chunk the data. If neither header is present, it assumes the request has no body, and it adds a header with a 0 value to the forward request. (Option Previously Named: allow_without_content_length. Retyped as boolean.)

• enabled (boolean): When enabled, allows PUT requests. Content does not cache. (Option Previously Named: allow. Retyped as boolean.)

• enabled (boolean): Allows Chunked Transfer Encoding requests.

• enabled (boolean): Activates the API Prioritization feature.

• cloudletPolicy (object): Identifies the Cloudlet policy in an object featuring unique numeric id and descriptive string name members.

• label (string): A label to distinguish this API Prioritization policy from any others in the same property.

• useThrottledCpCode (boolean): Specifies whether to apply an alternative CP code for requests served the alternate response.

• throttledCpCode (object): With useThrottledCpCode enabled, this specifies the CP code as an object:

  "throttledCpCode": {
      "id"   : 12345,
      "name" : "sent to waiting room"
  }
  

• useThrottledStatusCode (boolean): When enabled, allows you to assign a specific HTTP response code to a throttled request.

• throttledStatusCode (number): With change_response_code enabled, specifies the HTTP response code for requests that receive the alternate response.

• netStorage (object): Specify the NetStorage domain that contains the alternate response. For example:

  "netStorage": {
      "id"                 : "id_string",
      "name"               : "Waiting Room",
      "downloadDomainName" : "example.wait.akamai.com",
      "cpCode"             : 12345
  }
  

• netStoragePath (string): Specify the full NetStorage path for the alternate response, including trailing file name.

• alternateResponseCacheTtl (number within 5–30 range): Specifies the alternate response’s time to live in the cache, 5 minutes by default.

• enabled (boolean): Activates the Application Load Balancer Cloudlet.

• cloudletPolicy (object): Identifies the Cloudlet policy in an object featuring unique numeric id and descriptive string name members.

• label (string): A label to distinguish this Application Load Balancer policy from any others within the same property.

• stickinessCookieType (enum string): Determines how a cookie persistently associates the client with a load-balanced origin. Specify an overall DURATION or a FIXED_DATE for when the cookie expires. Specify ON_BROWSER_CLOSE to limit the cookie duration to browser sessions. (After the cookie expires, the cookie type re-evaluates.) To preserve the cookie indefinitely, specify NEVER. To dynamically reassign different load-balanced origins for each request, specify NONE.

• stickinessExpirationDate (ISO 8601 format date/time string): With stickinessCookieType set to FIXED_DATE, this specifies when the cookie expires.

• stickinessDuration (duration string): With stickinessCookieType set to DURATION, sets how long it is before the cookie expires.

• stickinessRefresh (boolean): With stickinessCookieType set to DURATION, enabling this extends the duration of the cookie with each new request. When enabled, the DURATION thus specifies the latency between requests that would cause the cookie to expire.

• failoverStatusCodes (array of string values): Specifies a set of HTTP status codes that signal a failure on the origin, in which case the cookie that binds the client to that origin is invalidated and the client is rerouted to another available origin.

• allDownNetStorage (object): Specifies a NetStorage account for a static maintenance page as a fallback when no origins are available. This example shows the object’s structure:

  "allDownNetStorage": {
      "id"                 : "uniq_id",
      "name"               : "Download Area",
      "downloadDomainName" : "download.example.akamai.com",
      "cpCode"             : 12345
  }
  

• allDownNetStorageFile (string): Specifies the fallback maintenance page’s filename, expressed as a full path from the root of the NetStorage server.

• allDownStatusCode (string): Specifies the HTTP response code when all load-balancing origins are unavailable.

• enabled (boolean): Enables the Audience Segmentation cloudlet feature.

• cloudletPolicy (object): Identifies the Cloudlet policy in an object featuring unique numeric id and descriptive string name members.

• label (string): Specifies a suffix to append to the cookie name. This helps distinguish this audience segmentation policy from any others within the same property.

• segmentTrackingMethod (enum string): Specifies the method to pass segment information to the origin. The Cloudlet passes the rule applied to a given request either IN_COOKIE_HEADER, IN_QUERY_PARAM, IN_CUSTOM_HEADER, or the default, NONE.

• segmentTrackingQueryParam (string): With segmentTrackingMethod set to IN_QUERY_PARAM, this query parameter specifies the name of the segmentation rule.

• segmentTrackingCookieName (string): With segmentTrackingMethod set to IN_COOKIE_HEADER, this cookie name specifies the name of the segmentation rule.

• segmentTrackingCustomHeader (string): With segmentTrackingMethod set to IN_CUSTOM_HEADER, this custom HTTP header specifies the name of the segmentation rule.

• populationCookieType (enum string): Specifies when the segmentation cookie expires, either ON_BROWSER_CLOSE, NEVER, or based on a specific DURATION.

• populationDuration (duration string): With populationCookieType set to DURATION, specifies the lifetime of the segmentation cookie.

• populationRefresh (boolean): If disabled, sets the expiration time only if the cookie is not yet present in the request.

• value (string; allows variables): Specifies the base path of content on your origin server. The value must begin and end with a slash (/) character, for example /parent/child/. (Option Previously Named: basedir.)

• enabled (boolean): Enables the break connection behavior. (Option Previously Named: status. Retyped as boolean.)

• enabled (boolean): When enabled, activates the error-caching behavior. (Retyped as boolean.)

• ttl (duration string): Overrides the default caching duration of 10s. Note that if set to 0, it is equivalent to no-cache, which forces revalidation and may cause a traffic spike. This can be counterproductive when, for example, the origin is producing an error code of 500.

• preserveStale (boolean): When enabled, the edge server preserves stale cached objects when the origin returns 400, 500, 502, 503, and 504 error codes. This avoids re-fetching and re-caching content after transient errors. (Option Previously Named: preservestale. Retyped as boolean.)

• rule (enum string): Specifies how to modify the cache ID:

  • INCLUDE_HEADERS includes specified HTTP headers in the cache ID.
  • INCLUDE_COOKIES includes specified cookies in the cache ID.
  • INCLUDE_ALL_QUERY_PARAMS includes all query parameters when forming a cache ID.
  • INCLUDE_QUERY_PARAMS includes the specified set of query parameters when forming a cache ID.
  • EXCLUDE_QUERY_PARAMS excludes the specified set of query parameters when forming a cache ID.
  • INCLUDE_URL includes the full URL, the same as the default without the cacheid behavior.

  (Enum values now use underscore delimiters. Changed excludeqs enum value to EXCLUDE_QUERY_PARAMS, includeallqs to INCLUDE_ALL_QUERY_PARAMS, includeck to INCLUDE_COOKIES, includehd to INCLUDE_HEADERS, and includeqs to INCLUDE_QUERY_PARAMS.)

• includeValue (boolean): When enabled, includes the value of the specified elements in the cache ID. Otherwise only their names are included. (Option Previously Named: value. Retyped as boolean.)

• optional (boolean): When enabled, requires the behavior’s specified elements to be present for content to cache. When disabled, requests that lack the specified elements are still cached. This option only applies when the type is INCLUDE_COOKIES, INCLUDE_QUERY_PARAMS, INCLUDE_HEADERS, or EXCLUDE_QUERY_PARAMS. (Retyped as boolean.)

• elements (array of string values): Specifies the names of the query parameters, cookies, or headers to include or exclude from the cache ID. This only applies when the rule is INCLUDE_COOKIES, INCLUDE_HEADERS, INCLUDE_QUERY_PARAMS, or EXCLUDE_QUERY_PARAMS. (Option Previously Named: elementlist.)

• enabled (boolean): When enabled, ignores case when forming cache keys. (Option Previously Named: ignore_case. Retyped as boolean.)

• behavior (enum string): Configures how sets of query string parameters translate to cache keys:

  • IGNORE_ALL causes query string parameters to be ignored when forming cache keys.
  • IGNORE or INCLUDE makes the key depend on the sequence of values in the parameters field.
  • INCLUDE_ALL_PRESERVE_ORDER forms a separate key for the entire set of query parameters, but sensitive to the order in which they appear. (For example, ?q=akamai&state=ma and ?state=ma&q=akamai cache separately.)
  • INCLUDE_ALL_ALPHABETIZE_ORDER forms keys for the entire set of parameters, but the order doesn’t matter. The examples above both use the same cache key.

  Be careful when applying behavior not to ignore any parameters that result in substantially different content, as it is not reflected in the cached object. (Capitalized enum values, with underscore delimiters.)

• parameters (array of string values): With behavior set to INCLUDE or IGNORE, parameters specifies the set of parameter field names to include in or exclude from the cache key. By default, these match the field names as string prefixes.

• exactMatch (boolean): When enabled, parameters must match exactly. Keep disabled to match string prefixes. (Option Previously Named: exact_match. Retyped as boolean.)

• purgeKey (string): Specifies the new cache key path as an alphanumeric value. (Option Previously Named: purgekey.)

• enabled (boolean): Enables caching of POST responses. (Retyped as boolean.)

• useBody (enum string): Define how and whether to use the POST message body as a cache key:

  • IGNORE uses only the URL to cache the response.
  • MD5 adds a string digest of the data as a query parameter to the cache URL.
  • QUERY adds the raw request body as a query parameter to the cache key, but only if the POST request’s Content-Type is application/x-www-form-urlencoded. (Use this in conjunction with cacheId to define relevant query parameters.)

  (Option Previously Named: usebody. Capitalized enum values.)

• enabled (boolean): Enables the redirect caching behavior. (In the Beta API, please substitute "true" and "false" string values.)

• behavior (enum string): Specify the caching option:

  • NO_STORE clears the cache and serves from the origin.
  • BYPASS_CACHE retains the cache but serves from the origin.
  • Honor the origin’s MAX_AGE header
  • Honor the origin’s CACHE_CONTROL header
  • Honor the origin’s EXPIRES header
  • Honor CACHE_CONTROL_AND_EXPIRES the origin’s CACHE_CONTROL and EXPIRES header, whichever comes last.

  (Capitalized enum values, with underscore delimiters. Changed cc enum value to CACHE_CONTROL, and both to CACHE_CONTROL_AND_EXPIRES.)

• mustRevalidate (boolean): Determines what to do once the cached content has expired, by which time the Akamai platform should have re-fetched and validated content from the origin. If enabled, only allows the re-fetched content to be served. If disabled, may serve stale content if the origin is unavailable. (Option Previously Named: mustrevalidate. Retyped as boolean.)

• ttl (duration string): The maximum time content may remain cached. Setting the value to 0 is the same as setting a no-cache header, which forces content to revalidate.

• defaultTtl (duration string): Set the MAX_AGE header for the cached content. (Option Previously Named: defaultttl.)

• enabled (boolean): Enables the centralized authorization behavior. (Option Previously Named: status. Retyped as boolean.)

• enabled (boolean): When enabled, allows edge servers to chase redirects. (Option Previously Named: status. Retyped as boolean.)

• limit (string): Specifies, as a string, the maximum number of redirects to follow.

• serve404 (boolean): Once the redirect limit is reached, enabling this option serves an HTTP 404 (Not Found) error instead of the last redirect. (Retyped as boolean.)

• enabled (boolean): When enabled, serves the custom response. Enabling the behavior evicts the cached object associated with the request, since it is not being served. (Option Previously Named: status. Retyped as boolean.)

• body (string; allows variables): HTML response of up to 2000 characters to send to the end-user client.

• responseCode (numeric enum): The HTTP response code to send to the end-user client, either 200 or 404. (Option Previously Named: responsecode. Retyped enum values as numeric.)

• enabled (boolean): Enables the Phased Release Cloudlet.

• cloudletPolicy (object): Specifies the Cloudlet policy as an object containing two members: a descriptive name string and an integer id set by the Cloudlet application.

• label (string): A label to distinguish this Phased Release policy from any others within the same property.

• populationCookieType (enum string): For the population of users the Cloudlet defines, select whether to assign a cookie to them, or else NONE. Other option values specify when the cookie expires: after a specific DURATION, at a FIXED_DATE, once the browser session ends (ON_BROWSER_CLOSE), or NEVER. If you select the Cloudlet’s random membership option, it overrides the option value so that it is effectively NONE.

• populationExpirationDate (ISO 8601 format date/time string): With the populationCookieType set to FIXED_DATE, this specifies the date and time when membership expires, and the browser no longer sends the cookie. Subsequent requests re-evaluate based on current membership settings.

• populationDuration (duration string): With the populationCookieType set to DURATION, this sets the lifetime of the cookie from the initial request. Subsequent requests re-evaluate based on current membership settings.

• populationRefresh (boolean): With the populationCookieType set to DURATION, enabling this option resets the original duration of the cookie if the browser refreshes before the cookie expires.

• failoverEnabled (boolean): Allows failure responses at the origin defined by the Cloudlet to fail over to the prevailing origin defined by the property.

• failoverResponseCode (array of string values): With failoverEnabled on, this defines the set of failure codes that initiate the failover response.

• failoverDuration (number within 0–300 range): Specifies the number of seconds to wait until the client tries to access the failover origin after the initial failure is detected. Set the value to 0 to immediately request the alternate origin upon failure.

• value (object): Specifies a value object, which includes an id key and a descriptive name:

  "value": {
      "id"   : 12345,
      "name" : "my cpcode"
  }
  

  (Option Previously Named: cpcode.)

• enabled (read-only string): When on, enables the behavior. (Option Previously Named: status.)

• enabled (boolean): Denies access when enabled. (Option Previously Named: behavior. Retyped as boolean.)

• reason (string): Text message that keys why access is denied. Any subsequent denyaccess behaviors within the rule tree may refer to the same reason key to override the current behavior.

• elements (array of string values): Specifies a set of information about the device with which to generate a separate cache key, any of the following values:

ACCEPT_THIRD_PARTY_COOKIE
AJAX_PREFERRED_GEOLOC_API
AJAX_SUPPORT_JAVASCRIPT
BRAND_NAME
COOKIE_SUPPORT
DEVICE_OS
DEVICE_OS_VERSION
DUAL_ORIENTATION
FLASH_LITE_VERSION
FULL_FLASH_SUPPORT
GIF_ANIMATED
HTML_PREFERRED_DTD
IS_MOBILE
IS_TABLET
IS_WIRELESS_DEVICE
JPG
MARKETING_NAME
MAX_IMAGE_HEIGHT
MAX_IMAGE_WIDTH
MOBILE_BROWSER
MOBILE_BROWSER_VERSION
MODEL_NAME
PDF_SUPPORT
PHYSICAL_SCREEN_HEIGHT
PHYSICAL_SCREEN_WIDTH
PNG
PREFERRED_MARKUP
RESOLUTION_HEIGHT
RESOLUTION_WIDTH
VIEWPORT_INITIAL_SCALE
VIEWPORT_WIDTH
XHTML_FILE_UPLOAD
XHTML_PREFERRED_CHARSET
XHTML_SUPPORT_LEVEL
XHTML_SUPPORTS_IFRAME
XHTML_SUPPORTS_TABLE_FOR_LAYOUT
XHTML_TABLE_SUPPORT
XHTMLMP_PREFERRED_MIME_TYPE

(Option Previously Named: edc_elementlist. Capitalized enum values.)

• elements (array of string values): Specifies the set of information about the requesting device to send to the origin server, any of the following:

ACCEPT_THIRD_PARTY_COOKIE
AJAX_PREFERRED_GEOLOC_API
AJAX_SUPPORT_JAVASCRIPT
BRAND_NAME
COOKIE_SUPPORT
DEVICE_OS
DEVICE_OS_VERSION
DUAL_ORIENTATION
FLASH_LITE_VERSION
FULL_FLASH_SUPPORT
GIF_ANIMATED
HTML_PREFERRED_DTD
IS_MOBILE
IS_TABLET
IS_WIRELESS_DEVICE
JPG
MARKETING_NAME
MAX_IMAGE_HEIGHT
MAX_IMAGE_WIDTH
MOBILE_BROWSER
MOBILE_BROWSER_VERSION
MODEL_NAME
PDF_SUPPORT
PHYSICAL_SCREEN_HEIGHT
PHYSICAL_SCREEN_WIDTH
PNG
PREFERRED_MARKUP
RESOLUTION_HEIGHT
RESOLUTION_WIDTH
VIEWPORT_INITIAL_SCALE
VIEWPORT_WIDTH
XHTML_FILE_UPLOAD
XHTML_PREFERRED_CHARSET
XHTML_SUPPORT_LEVEL
XHTML_SUPPORTS_IFRAME
XHTML_SUPPORTS_TABLE_FOR_LAYOUT
XHTML_TABLE_SUPPORT
XHTMLMP_PREFERRED_MIME_TYPE

(Option Previously Named: edc_elementlist. Capitalized enum values.)

• enabled (boolean): When enabled, allows edge servers to refresh an expired DNS record after serving content. (Option Previously Named: status. Retyped as boolean.)

• timeout (duration string): Set the maximum allowed time an expired DNS record may be active.

• enabled (boolean): When enabled, allows edge servers to refresh DNS records before they expire. (Option Previously Named: status. Retyped as boolean.)

• delay (duration string): Specifies the amount of time following a DNS record’s expiration to asynchronously prefresh it.

• timeout (duration string): Specifies the amount of time to prefresh a DNS entry if there have been no requests to the domain name.

• enabled (boolean): Enables the protocol downgrading behavior. (Option Previously Named: status. Retyped as boolean.)

• behavior (enum string): Specify the caching instructions the edge server sends to the end user’s client. It accepts the following values:

  • ALLOW: The value of allowBehavior chooses the caching method and headers to send to the client.
  • MUST_REVALIDATE: This equates to a Cache-Control: no-cache header, which allows caching but forces the client browser to send an if-modified-since request each time it requests the object.
  • BUST: Sends cache-busting headers downstream.
  • TUNNEL_ORIGIN: This passes Cache-Control and Expires headers from the origin to the downstream client.
  • NONE: Don’t send any caching headers. Allow client browsers to cache content according to their own default settings.

  (Capitalized enum values, with underscore delimiters.)

• allowBehavior (enum string): Specify how the edge server calculates the downstream cache by setting the value of the Expires header:

  • FROM_VALUE sends the value of the edge cache’s duration.
  • FROM_MAX_AGE sends the cache:max-age value applied to the object, without evaluating the cache’s duration.
  • LESSER sends the lesser value of what the origin specifies and the edge cache’s remaining duration. This is the default behavior.
  • GREATER sends the greater value of what the origin specifies and the edge cache’s remaining duration.
  • REMAINING_LIFETIME sends the value of the edge cache’s remaining duration, without comparing it to the origin’s headers.
  • PASS_ORIGIN sends the value of the origin’s header, without evaluating the edge cache’s duration.

  (Option Previously Named: allow_behavior. Capitalized enum values, with underscore delimiters.)

• ttl (duration string): Set the duration of the cache. Setting the value to 0 equates to a no-cache header that forces revalidation.

• sendHeaders (enum string): Specifies the HTTP headers to include in the response to the client:

  • PASS_ORIGIN sends the same set of Cache-Control and Expires headers received from the origin.
  • CACHE_CONTROL sends only the origin’s Cache-Control header.
  • EXPIRES sends only the origin’s Expires header.
  • CACHE_CONTROL_AND_EXPIRES sends both Cache-Control and Expires header.
  • NONE strips both headers.

  (Option Previously Named: headers_sent. Enum values now use underscore delimiters. Changed cc-only enum value to CACHE_CONTROL, expires-only to EXPIRES, and both to CACHE_CONTROL_AND_EXPIRES.)

• sendPrivate (boolean): When enabled, adds a Cache-Control: private header to prevent objects from being cached in a shared caching proxy. (Option Previously Named: send_private. Retyped as boolean.)

• enabled (boolean): Enables Cloud Monitor’s log-publishing behavior. (Option Previously Named: publish. Retyped as boolean.)

• apiConnector (enum string): Describes the API connector type, either DEFAULT, BMC_APM, or SIEM_JSON. (Option Previously Named: api_connector. Capitalized enum values.)

• apiDataElements (array of string values): Specifies the data set to log, any of the following values:

APM
GEO
HTTP
NETWORK_PERFORMANCE
NETWORK_V1
REQUEST_HEADER
RESPONSE_HEADER
SEC_APP_V2
SEC_RATE_DENY_V2
SEC_RATE_WARN_V2

(Option Previously Named: api_data_elements. Capitalized enum values, with underscore delimiters. Changed reqheader enum value to REQUEST_HEADER, and resheader to RESPONSE_HEADER.)

• destinationHostname (string): Specifies the target hostname accepting push API requests. (Option Previously Named: dest_host.)

• destinationPath (string): Specifies the push API’s endpoint. (Option Previously Named: dest_path.)

• overrideAggregateSettings (boolean): When enabled, overrides default log settings. (Option Previously Named: override_aggregate_settings. Retyped as boolean.)

• aggregateTime (duration string): With overrideAggregateSettings enabled, specifies how often logs are generated. (Option Previously Named: aggregate_time.)

• aggregateLines (string): With overrideAggregateSettings enabled, specifies the maximum number of lines to include in each log. (Option Previously Named: aggregate_lines.)

• aggregateSize (string): With overrideAggregateSettings enabled, specifies the log’s maximum size. (Option Previously Named: aggregate_size.)

• enabled (boolean): Enables the edge image conversion behavior. (Option Previously Named: eic_bool. Retyped as boolean.)

• failover (boolean): If the request results in a server error, enabling this forwards it to the origin. (Option Previously Named: failover_option. Retyped as boolean.)

• usePolicy (boolean): Enables a specified set of image conversion policies. (Option Previously Named: policy_bool. Retyped as boolean.)

• policies (array): With usePolicy enabled, specifies commands that when present or not in the query string release an error code. (Option Previously Named: op_policy_table.)

• policyResponses (numeric enum): Specifies the HTTP error code if any policies conditions match, either 400, 403, 404, or 409. (Option Previously Named: op_policy_violation. Retyped enum values as numeric.)

• description (string): A description of what the xml block does.

• xml (string): A block of Akamai XML metadata.

• originId (string): Corresponds to the id specified by the edgeLoadBalancingOrigin behavior associated with this data center. (Option Previously Named: origin_id.)

• description (string): Provides a description for the ELB data center, for your own reference. (Option Previously Named: alias.)

• hostname (string): Specifies the data center’s hostname. (Option Previously Named: host.)

• cookieName (string): If using session persistence, this specifies the value of the cookie named in the corresponding edgeLoadBalancingOrigin behavior’s cookie_name option. (Option Previously Named: name.)

• enableFailover (boolean): When enabled, allows you to specify failover rules. (Option Previously Named: enable_dc_failover. Retyped as boolean.)

• ip (string): With enableFailover enabled, specifies this data center’s IP address. (Option Previously Named: ip_address.)

• failoverRules (array): With enableFailover enabled, provides up to four failover rules to apply in the specified order. These rules appear as objects with the following fields:

  • modify_request (boolean): When enabled, allows you to modify the request’s hostname or path.

  • override_hostname (boolean): When enabled, overrides the request’s hostname with the failover_hostname.

  • failover_hostname: The hostname of the data center to fail over to.

  • context_root: Specifies the path to use in the forwarding request, typically the root (/) when failing over to a different data center, or a full path such as /static/error.html when failing over to an error page.

  • absolute_path (boolean): If enabled, the path specified by context_root is interpreted as an absolute server path, for example to reference a site-down page. If disabled, the path is appended to the request.

  (In the API’s beta version, please substitute boolean values with "true" or "false" string values.)

  (Option Previously Named: failover_rules.)

• id (string): Specifies a unique descriptive string for this ELB origin. The value must match the origin_id specified by the edgeLoadBalancingDataCenter behavior associated with this origin.

• description (string): Provides a description for the ELB origin, for your own reference. (Option Previously Named: name.)

• hostname (string): Specifies the hostname associated with the ELB rule. (Option Previously Named: host.)

• enableSessionPersistence (boolean): When enabled, allows you to specify a cookie to pin the user’s browser session to one data center. When disabled, ELB’s default load balancing may send users to various data centers within the same session. (Option Previously Named: enable_session_persistence. Retyped as boolean.)

• cookieName (string): With enableSessionPersistence enabled, this specifies the name of the cookie that marks users’ persistent sessions. The accompanying edgeLoadBalancingDataCenter behavior’s description option specifies the cookie’s value. (Option Previously Named: cookie_name.)

• enabled (boolean): Enables the cookie-authorization behavior. (Retyped as boolean.)

• cookieName (string): Specifies the name of the cookie to use for authorization. (Option Previously Named: name.)

• value (string): Specifies the value of the authorization cookie.

• domain (string): Specify the cookie’s domain, which must match the top-level domain of the Host header the origin server receives.

• enabled (boolean): Enables the Edge Redirector Cloudlet.

• cloudletPolicy (object): Specifies the Cloudlet policy as an object containing two members: a descriptive name string and an integer id set by the Cloudlet application.

• enabled (boolean): When enabled, sends the X-Akamai-Edgescape request header to the origin. (Option Previously Named: status. Retyped as boolean.)

• enabled (boolean): Enables ESI processing. (Option Previously Named: status. Retyped as boolean.)

• enableViaHttp (boolean): Enable ESI only for content featuring the following HTTP response header: Edge-control: dca=esi (Option Previously Named: responseheaders. Retyped as boolean.)

• passSetCookie (boolean): When enabled, allows edge servers to pass your origin server’s cookies to the ESI processor. (Option Previously Named: passsetcookie. Retyped as boolean.)

• passClientIp (boolean): When enabled, allows edge servers to pass the client IP header to the ESI processor. (Option Previously Named: passsclientip. Retyped as boolean.)

• i18nStatus (boolean): When enabled, provides internationalization support for ESI. (Option Previously Named: i18nstatus. Retyped as boolean.)

• i18nCharset (array of string values): With i18nStatus enabled, specifies the character sets to use when transcoding the ESI language, UTF-8 and ISO-8859-1 for example. (Option Previously Named: i18ncharset.)

• enabled (boolean): When enabled in case of a failure to contact the origin, the current behavior applies. (Option Previously Named: status. Retyped as boolean.)

• actionType (enum string): Specifies the basic action to take when there is a failure to contact the origin:

  • SERVE_STALE serves content that is already in the cache.
  • REDIRECT specifies a redirect action. (Use with these options: redirectHostnameType, redirectHostname, redirectCustomPath, redirectPath, redirectMethod, modifyProtocol, and protocol.)
  • RECREATED_CEX serves alternate content from an external network. (Use with these options: cexHostname, cexCustomPath, and cexPath.)
  • RECREATED_CO serves alternate content from your network. (Use with these options: contentHostname, contentCustomPath, and contentPath.)
  • RECREATED_NS serves NetStorage content. (Use with these options: netStorageHostname, netStoragePath, and cpCode.)
  • DYNAMIC allows you to serve dynamic SaaS content if SaaS acceleration is available on your contract. (Use with these options: dynamicMethod, dynamicCustomPath, saasType, saasSuffix, saasRegex, and saasReplace.)

  (Option Previously Named: type. Capitalized enum values, with underscore delimiters.)

• cpCode (object): When actionType is RECREATED_NS, this specifies a cpcode for which to log errors for the NetStorage location. It appears as an object that includes an id key and a descriptive name:

  "cpCode": {
      "id"   : 12345,
      "name" : "my cpcode"
  }
  

  (Option Previously Named: cpcode.)

• netStorageHostname (object): When the actionType is RECREATED_NS, specifies the NetStorage origin to serve the alternate content, as in the example below. Contact Akamai Professional Services for your NetStorage origin’s id.

  "netStorageHostname": {
      "id"                 : "id_string",
      "name"               : "Example Downloads",
      "downloadDomainName" : "example.download.akamai.com",
      "cpCode"             : 12345
  }
  

  (Option Previously Named: nshostname.)

• netStoragePath (string; allows variables): When the actionType is RECREATED_NS, specifies the path for the NetStorage request. (Option Previously Named: nspath.)

• redirectMethod (numeric enum): When the actionType is REDIRECT, specifies the HTTP response code, either 301 or 302. (Option Previously Named: redirectmethod. Retyped enum values as numeric.)

• redirectHostnameType (enum string): When the actionType is REDIRECT, this specifies whether to preserve the ORIGINAL hostname in the redirect, or whether to use an ALTERNATE hostname specified with redirectHostname. (Option Previously Named: redirecthostnametype. Capitalized enum values.)

• redirectHostname (string; allows variables): When the actionType is REDIRECT and the redirectHostnameType is ALTERNATE, this specifies the hostname for the redirect. (Option Previously Named: redirecthostname.)

• redirectCustomPath (boolean): When the actionType is REDIRECT, enabling this allows you use redirectPath to customize a new path. (Option Previously Named: redirectcustompath. Retyped as boolean.)

• redirectPath (string; allows variables): When the actionType is REDIRECT, this specifies a new path. (Option Previously Named: redirectpath.)

• modifyProtocol (boolean): When the actionType is REDIRECT, or if the dynamicMethod is either SERVE_301 or SERVE_302, enabling this allows you to modify the redirect’s protocol using the value of the protocol field. (Option Previously Named: modifyproto. Retyped as boolean.)

• protocol (enum string): When the actionType is REDIRECT and modifyProtocol is enabled, this specifies the redirect’s protocol, either HTTP or HTTPS. (Option Previously Named: proto.)

• preserveQueryString (boolean): When using either contentCustomPath, cexCustomPath, dynamicCustomPath, or redirectCustomPath to specify a custom path, enabling this passes in the original request’s query string as part of the path. (Option Previously Named: preservequerystring. Retyped as boolean.)

• cexHostname (string; allows variables): When actionType is RECREATED_CEX, this specifies a hostname. (Option Previously Named: cexhostname.)

• cexCustomPath (boolean): When actionType is RECREATED_CEX, enabling this allows you to specify a custom path. (Option Previously Named: cexcustompath. Retyped as boolean.)

• cexPath (string; allows variables): When actionType is RECREATED_CEX and cexCustomPath is enabled, this specifies a custom path. (Option Previously Named: cexpath.)

• contentHostname (string; allows variables): When the actionType is RECREATED_CO, specifies the static hostname for the alternate redirect. (Option Previously Named: cohostname.)

• contentCustomPath (boolean): When the actionType is RECREATED_CO, enabling this allows you to specify a custom redirect path. (Option Previously Named: cocustompath. Retyped as boolean.)

• contentPath (string; allows variables): When the actionType is RECREATED_CO and contentCustomPath is enabled, this specifies a custom redirect path. (Option Previously Named: copath.)

• dynamicMethod (enum string): With the actionType set to DYNAMIC, specifies the redirect method, either SERVE_301, SERVE_302, or SERVE_ALTERNATE. (Option Previously Named: dynamic_method. Enum values now use underscore delimiters.)

• dynamicCustomPath (boolean): When enabled, allows you to modify the original requested path. (Option Previously Named: dynamiccustompath. Retyped as boolean.)

• dynamicPath (string; allows variables): With dynamicCustomPath enabled, specifies the new path. (Option Previously Named: dynamicpath.)

• saasType (enum string): Identifies the component of the request that identifies the SaaS dynamic failaction: either COOKIE, HOSTNAME, PATH, or QUERY_STRING. (Option Previously Named: saas_type. Capitalized enum values.)

• saasSuffix (string; allows variables): With actionType set to DYNAMIC, specifies the static portion of the SaaS dynamic failaction. (Option Previously Named: saas_suffix.)

• saasRegex (string): With actionType set to DYNAMIC, specifies the substitution pattern (a Perl-compatible regular expression) that defines the SaaS dynamic failaction. (Option Previously Named: saas_regex.)

• saasReplace (string; allows variables): With actionType set to DYNAMIC, specifies the replacement pattern that defines the SaaS dynamic failaction. (Option Previously Named: saas_replace.)

• saasCnameEnabled (boolean): With the saasType set to HOSTNAME, specifies whether to use a CNAME chain to determine the hostname for the SaaS dynamic failaction. (Option Previously Named: saas_cname_enabled. Retyped as boolean.)

• saasCnameLevel (number): With saasCnameEnabled on, specifies the number of elements in the CNAME chain backwards from the edge hostname that determines the hostname for the SaaS dynamic failaction. (Option Previously Named: saas_cname_level.)

• saasCookie (string; allows variables): With saasType set to COOKIE, specifies the name of the cookie that identifies this SaaS dynamic failaction. (Option Previously Named: saas_cookie.)

• saasQueryString (string; allows variables): With saasType set to QUERY_STRING, specifies the name of the query parameter that identifies this SaaS dynamic failaction. (Option Previously Named: saas_query_string.)

• enabled (boolean): When enabled, forces a validation test for all edge content to which the behavior applies.

• enabled (boolean): Enables the Forward Rewrite Cloudlet behavior.

• cloudletPolicy (object): Identifies the Cloudlet policy in an object featuring unique numeric id and descriptive string name members.

• enabled (boolean): Enables the front-end optimization behavior. (Option Previously Named: status. Retyped as boolean.)

• enabled (boolean): Enables the g2o verification behavior. (Option Previously Named: status. Retyped as boolean.)

• dataHeader (string): Specifies the name of the header that contains the request data that needs to be encrypted. (Option Previously Named: data_header.)

• signedHeader (string): Specifies the name of the header containing encrypted request data. (Option Previously Named: signed_header.)

• encodingVersion (numeric enum): Specifies the version of the encryption algorithm as an integer from 1 through 5. (Option Previously Named: encoding_version. Retyped enum values as numeric.)

• useCustomSignString (boolean): When disabled, the encrypted string is based on the forwarded URL. If enabled, you can use customSignString to customize the set of data to encrypt. (Option Previously Named: sign_string_status. Retyped as boolean.)

• customSignString (array of string values): With useCustomSignString enabled, specifies the set of data to be encrypted as a combination of concatenated strings, any of the following values:

AK_CLIENT_REAL_IP
AK_DOMAIN
AK_EXTENSION
AK_FILENAME
AK_HOSTHEADER
AK_METHOD
AK_PATH
AK_QUERY
AK_SCHEME
AK_URL

(Option Previously Named: sign_string.)

• secretKey (string): Specifies the shared secret key. (Option Previously Named: secret_key.)

• nonce (string): Specifies the cryptographic nonce string.

• behavior (enum string): Specify when to compress responses, either ALWAYS, NEVER, or ORIGIN_RESPONSE to clients that send an Accept-Encoding: gzip header. (Capitalized enum values.)

• description (string): Human-readable description of what the XML block does.

• xml (string): A block of Akamai XML metadata.

• retryCount (number): The number of consecutive connection failures that mark an IP address as faulty. (Option Previously Named: ip_retrycount.)

• retryInterval (duration string): Specifies the amount of time the edge server will wait before trying to reconnect to an IP address it has already identified as faulty. (Option Previously Named: ip_retry_interval.)

• maximumReconnects (number): Specifies the maximum number of times the edge server will contact your origin server. If your origin is associated with several IP addresses, maximumReconnects effectively overrides the value of retryCount. (Option Previously Named: max_reconnects.)

• enabled (boolean): Enable image management capabilities and generate a corresponding API token. (Option Previously Named: image_management_enabled. Retyped as boolean.)

• resize (boolean): Specify whether to scale down images to the maximum screen resolution, as determined by the rendering device’s user agent. Note that enabling this may affect screen layout in unexpected ways. (Option Previously Named: resize_enabled. Retyped as boolean.)

• applyBestFileType (boolean): Specify whether to convert images to the best file type for the requesting device, based on its user agent and the initial image file. This produces the smallest file size possible that retains image quality. (Option Previously Named: best_file_type_enabled. Retyped as boolean.)

• superCacheRegion (enum string): Specifies a location for your site’s heaviest traffic, for use in caching derivatives on edge servers. Possible values are US, JAPAN, ASIA, AUSTRALIA, or EMEA (Europe, Middle East, and Africa).

• cpCodeOriginal (object): Assigns a CP code to track traffic and billing for original images that the Image Manager has not modified. The value is expressed as an object with a single id member paired with an integer value, for example: "cpCodeOriginal": { "id": 12345 }.

• cpCodeTransformed (object): Assigns a separate CP code to track traffic and billing for derived images. The value is expressed as an object with a single id member paired with an integer value, for example: "cpCodeTransformed": { "id": 12345 }.

• advanced (boolean): When enabled, allows you to generate a custom Image Manager API token to apply a corresponding policy to this set of images. The token consists of a descriptive label (the policyToken) concatenated with a property-specific identifier that’s generated when you save the property. The API registers the token when you activate the property. (Option Previously Named: advanced_settings_enabled. Retyped as boolean.)

• policyToken (string): With advanced enabled, assign a prefix label to help match the policy token to this set of images, limited to 32 alphanumeric or underscore characters. If you don’t specify a label, default becomes the prefix. (Option Previously Named: api_key.)

• policyTokenDefault (string): Specify the default policy identifier, which is registered with the Image Manager API once you activate this property. The advanced option must be inactive. (Option Previously Named: api_key_default.)

• enabled (boolean): Applies the Input Validation Cloudlet behavior.

• cloudletPolicy (object): Identifies the Cloudlet policy in an object featuring unique numeric id and descriptive string name members.

• label (string): Distinguishes this Input Validation policy from any others within the same property.

• userIdentificationByCookie (boolean): When enabled, identifies users by the value of a cookie.

• userIdentificationKeyCookie (string): With userIdentificationByCookie enabled, this specifies the cookie name whose value must remain constant across requests to identify a user.

• userIdentificationByIp (boolean): When enabled, identifies users by specific IP address. Do not enable this if you are concerned about DDoS attacks from many different IP addresses.

• userIdentificationByHeaders (boolean): When enabled, identifies users by specific HTTP headers on GET or POST requests.

• userIdentificationKeyHeaders (array of string values): With userIdentificationByHeaders enabled, this specifies the HTTP headers whose combined set of values identify each end user.

• userIdentificationByParams (boolean): When enabled, identifies users by specific query parameters on GET or POST requests.

• userIdentificationKeyParams (array of string values): With userIdentificationByParams enabled, this specifies the query parameters whose combined set of values identify each end user.

• allowLargePostBody (boolean): Fails POST request bodies that exceed 16 KB when enabled, otherwise allows them to pass with no validation for policy compliance.

• resetOnValid (boolean): Upon receiving a valid request, enabling this resets the penaltyThreshold counter to zero. Otherwise, even those series of invalid requests that are interrupted by valid requests may trigger the penaltyAction. (In the Beta API, please substitute "true" and "false" string values.)

• validateOnOriginWith (enum string): For any validation that edge servers can’t perform alone, this specifies additional validation steps based on how the origin identifies an invalid request. If a request is invalid, the origin can indicate this to the edge server either with a RESPONSE_CODE or RESPONSE_CODE_AND_HEADER. If no additional validation is necessary, specify DISABLED.

• validateOnOriginHeaderName (string): If validateOnOriginWith is set to RESPONSE_CODE_AND_HEADER, this specifies the header name for a request that the origin identifies as invalid.

• validateOnOriginHeaderValue (string): If validateOnOriginWith is set to RESPONSE_CODE_AND_HEADER, this specifies an invalid request’s header value that corresponds to the validateOnOriginHeaderName.

• validateOnOriginResponseCode (number): Unless validateOnOriginWith is DISABLED, this identifies the integer response code for requests the origin identifies as invalid.

• failure302Uri (string): Specifies the redirect link for invalid requests that have not yet triggered a penalty.

• penaltyThreshold (number): Specifies the number of invalid requests permitted before executing the penaltyAction.

• penaltyAction (enum string): Once the penaltyThreshold of invalid requests is met, this specifies the response, either BRANDED_403, BLANK_403 or REDIRECT_302.

• penalty302Uri (string): With penaltyAction set to REDIRECT_302, this specifies the redirect link for end users who trigger the penalty.

• penaltyNetStorage (object): With penaltyAction set to BRANDED_403, this specifies the NetStorage account that serves out the penalty’s static 403 response content. Details appear in an object featuring a downloadDomainName string member that identifies the NetStorage hostname, and an integer cpCode to track the traffic.

• penalty403NetStoragePath (string): With penaltyAction set to BRANDED_403, this specifies the full path to the static 403 response content relative to the downloadDomainName in the penaltyNetStorage object.

• penaltyBrandedDenyCacheTtl (number within 5–30 range): With penaltyAction set to BRANDED_403, this specifies the penalty response’s time to live in the cache, 5 minutes by default.

• prefetchCacheable (boolean): When enabled, applies prefetching only to objects already set to be cacheable, for example using the caching behavior. Only applies to content with the tieredDistribution behavior enabled. (Option Previously Named: prefetch_cacheable. Retyped as boolean.)

• prefetchNoStore (boolean): Allows otherwise non-cacheable no-store content to prefetch if the URL path ends with / to indicate a request for a default file, or if the extension matches the value of the prefetchNoStoreExtensions option. Only applies to content with the sureRoute behavior enabled. (Option Previously Named: prefetch_no_store. Retyped as boolean.)

• prefetchNoStoreExtensions (array of string values): Specifies a set of file extensions for which the prefetchNoStore option is allowed. (Option Previously Named: prefetch_no_store_ext.)

• prefetchHtml (boolean): When enabled, allows edge servers to prefetch additional HTML pages while pages that link to them are being delivered. This only applies to links from <a> or <link> tags with the appropriate link relation attribute. (Option Previously Named: prefetch_html. Retyped as boolean.)

• customLinkRelations (array of string values): Specify link relation values that activate the prefetching behavior. For example, specifying fetch allows you to use shorter rel="fetch" markup. (Option Previously Named: customize_rel_attr.)

• enabled (boolean): Enables the InstantConfig behavior. (Option Previously Named: status. Retyped as boolean.)

• enabled (boolean): Enables the file optimization behavior. (Option Previously Named: status. Retyped as boolean.)

• enablePartialObjectCaching (enum string): Caches entire objects if set to NON_PARTIAL_OBJECT_CACHING. Otherwise when set to PARTIAL_OBJECT_CACHING, allows partial-object caching, which always applies to large objects served from NetStorage. To enable this, the origin must support byte range requests. (Option Previously Named: lfo_type. Changed poc to PARTIAL_OBJECT_CACHING, and nonpoc to NON_PARTIAL_OBJECT_CACHING.)

• minimumSize (string): Optimization only applies to files larger than this, expressed as a number suffixed with a unit string such as MB or GB. (Option Previously Named: min_size.)

• maximumSize (string): Optimization does not apply to files larger than this, expressed as a number suffixed with a unit string such as MB or GB. (Option Previously Named: max_size.)

• useVersioning (boolean): When enablePartialObjectCaching is set to PARTIAL_OBJECT_CACHING, enabling this option signals your intention to vary filenames by version, strongly recommended to avoid serving corrupt content when chunks come from different versions of the same file. (Option Previously Named: filenames_changed. Retyped as boolean.)

• enabled (boolean): When enabled, activates the bit rate limiting behavior. (Option Previously Named: option. Retyped as boolean.)

• bitrateTable (array): Specifies a download rate that corresponds to a thresholdTable entry. The bit rate appears as a two-member object consisting of a numeric bitrateValue and a bitrateUnit string, with allowed values of Kbps, Mbps, and Gbps. For example:

  "bitrateTable": [
      {
          "bitrateValue": 1,
          "bitrateUnit": "Kbps"
      }
  ]
  

• thresholdTable (array): Specifies the minimum size of the file or the amount of elapsed download time before applying the bit rate limit from the corresponding bitrateTable entry. The threshold appears as a two-member object consisting of a numeric thresholdValue and thresholdUnit string, with allowed values of s or B. This example throttles a download that lasts more than 5 seconds:

  "thresholdTable": [
      {
          "thresholdValue": 5,
          "thresholdUnit": "s"
      }
  ]
  

• enabled (boolean): Enables the partial-object caching behavior. (Option Previously Named: status. Retyped as boolean.)

• action (enum string): Either ADD, DELETE, MODIFY, or PASS incoming HTTP request headers. (Capitalized enum values.)

• standardAddHeaderName (enum string): If the value of action is ADD, this specifies the name of the field to add, either ACCEPT_ENCODING, ACCEPT_LANGUAGE, or OTHER. (Option Previously Named: standard_add_header_name. Capitalized enum values, with underscore delimiters.)

• standardDeleteHeaderName (enum string): If the value of action is DELETE, this specifies the name of the field to remove, either IF_MODIFIED_SINCE, VIA, or OTHER. (Option Previously Named: standard_delete_header_name. Capitalized enum values, with underscore delimiters.)

• standardModifyHeaderName (enum string): If the value of action is MODIFY, this specifies the name of the field to modify, either ACCEPT_ENCODING, ACCEPT_LANGUAGE, or OTHER. (Option Previously Named: standard_modify_header_name. Capitalized enum values, with underscore delimiters.)

• standardPassHeaderName (enum string): If the value of action is PASS, this specifies the name of the field to pass through, either ACCEPT_ENCODING, ACCEPT_LANGUAGE, or OTHER. (Option Previously Named: standard_pass_header_name. Capitalized enum values, with underscore delimiters.)

• customHeaderName (string; allows variables): Specifies a custom field name that applies when the relevant standard header name is set to OTHER. (Option Previously Named: custom_header_name.)

• headerValue (string; allows variables): With the action set to ADD, specifies the new header value. (Option Previously Named: header_value.)

• newHeaderValue (string; allows variables): With the action set to MODIFY, supplies an HTTP header replacement value. (Option Previously Named: new_header_value.)

• avoidDuplicateHeaders (boolean): When enabled with the action set to MODIFY, prevents creation of more than one instance of a header. (Option Previously Named: multi_headers_avoidance. Retyped as boolean.)

• action (enum string): Either ADD, DELETE, MODIFY, or PASS incoming HTTP response headers. (Capitalized enum values.)

• standardAddHeaderName (enum string): If the value of action is ADD, this specifies the name of the field to add, any of the following values:

CACHE_CONTROL
CONTENT_TYPE
EDGE_CONTROL
EXPIRES
LAST_MODIFIED
OTHER

(Option Previously Named: standard_add_header_name. Capitalized enum values, with underscore delimiters.)

• standardDeleteHeaderName (enum string): If the value of action is DELETE, this specifies the name of the field to remove, either CACHE_CONTROL, CONTENT_TYPE, VARY, or OTHER. (Option Previously Named: standard_delete_header_name. Capitalized enum values, with underscore delimiters.)

• standardModifyHeaderName (enum string): If the value of action is MODIFY, this specifies the name of the field to modify, either CACHE_CONTROL, CONTENT_TYPE, EDGE_CONTROL, or OTHER. (Option Previously Named: standard_modify_header_name. Capitalized enum values, with underscore delimiters.)

• standardPassHeaderName (enum string): If the value of action is PASS, this specifies the name of the field to pass through, either CACHE_CONTROL, EXPIRES, PRAGMA, or OTHER. (Option Previously Named: standard_pass_header_name. Capitalized enum values, with underscore delimiters.)

• customHeaderName (string; allows variables): Specifies a custom field name that applies when the relevant standard header name is set to OTHER. (Option Previously Named: custom_header_name.)

• headerValue (string; allows variables): With the action set to ADD, specifies the header’s new value. (Option Previously Named: header_value.)

• newHeaderValue (string): With the action set to MODIFY, specifies an HTTP header replacement value. (Option Previously Named: new_header_value.)

• avoidDuplicateHeaders (boolean): When enabled with the action set to MODIFY, prevents creation of more than one instance of a header. (Option Previously Named: multi_headers_avoidance. Retyped as boolean.)

• action (enum string): Either ADD or DELETE outgoing HTTP request headers, MODIFY their fixed values, or specify a REGEX pattern to transform them. (Capitalized enum values.)

• standardAddHeaderName (enum string): If the value of action is ADD, this specifies the name of the field to add, either USER_AGENT or OTHER. (Option Previously Named: standard_add_header_name. Capitalized enum values, with underscore delimiters.)

• standardDeleteHeaderName (enum string): If the value of action is DELETE, this specifies the name of the field to remove, either PRAGMA, USER_AGENT, VIA, or OTHER. (Option Previously Named: standard_delete_header_name. Capitalized enum values, with underscore delimiters.)

• standardModifyHeaderName (enum string): If the value of action is MODIFY or REGEX, this specifies the name of the field to modify, either USER_AGENT or OTHER. (Option Previously Named: standard_modify_header_name. Capitalized enum values, with underscore delimiters.)

• customHeaderName (string; allows variables): Specifies a custom field name that applies when the relevant standard header name is set to OTHER. (Option Previously Named: custom_header_name.)

• headerValue (string; allows variables): With the action set to ADD, specifies the new header value. (Option Previously Named: header_value.)

• newHeaderValue (string): With the action set to MODIFY, specifies an HTTP header replacement value. (Option Previously Named: new_header_value.)

• regexHeaderMatch (string; allows variables): When the action is REGEX, specifies a Perl-compatible regular expression to match within the header value. (Option Previously Named: regex_header_match.)

• regexHeaderReplace (string; allows variables): When the action is REGEX, specifies text that replaces the regexHeaderMatch pattern within the header value. (Option Previously Named: regex_header_replace.)

• matchMultiple (boolean): When enabled with the action set to REGEX, replaces all occurrences of the matched regular expression, otherwise only the first match if disabled. (Option Previously Named: match_multiple. Retyped as boolean.)

• avoidDuplicateHeaders (boolean): When enabled with the action set to MODIFY, prevents creation of more than one instance of a header. (Option Previously Named: multi_headers_avoidance. Retyped as boolean.)

• action (enum string): Either ADD or DELETE outgoing HTTP response headers, MODIFY their fixed values, or specify a REGEX pattern to transform them. (Capitalized enum values.)

• standardAddHeaderName (enum string): If the value of action is ADD, this specifies the name of the field to add, any of the following values:

ACCESS_CONTROL_ALLOW_CREDENTIALS
ACCESS_CONTROL_ALLOW_HEADERS
ACCESS_CONTROL_ALLOW_METHODS
ACCESS_CONTROL_ALLOW_ORIGIN
ACCESS_CONTROL_EXPOSE_HEADERS
ACCESS_CONTROL_MAX_AGE
CACHE_CONTROL
CONTENT_DISPOSITION
CONTENT_TYPE
EDGE_CONTROL
OTHER
P3P
PRAGMA

(Option Previously Named: standard_add_header_name. Capitalized enum values, with underscore delimiters.)

• standardDeleteHeaderName (enum string): If the value of action is DELETE, this specifies the name of the field to remove, any of the following values:

ACCESS_CONTROL_ALLOW_CREDENTIALS
ACCESS_CONTROL_ALLOW_HEADERS
ACCESS_CONTROL_ALLOW_METHODS
ACCESS_CONTROL_ALLOW_ORIGIN
ACCESS_CONTROL_EXPOSE_HEADERS
ACCESS_CONTROL_MAX_AGE
CACHE_CONTROL
CONTENT_DISPOSITION
CONTENT_TYPE
EXPIRES
OTHER
P3P
PRAGMA

(Option Previously Named: standard_delete_header_name. Capitalized enum values, with underscore delimiters.)

• standardModifyHeaderName (enum string): If the value of action is MODIFY or REGEX, this specifies the name of the field to modify, any of the following values:

ACCESS_CONTROL_ALLOW_CREDENTIALS
ACCESS_CONTROL_ALLOW_HEADERS
ACCESS_CONTROL_ALLOW_METHODS
ACCESS_CONTROL_ALLOW_ORIGIN
ACCESS_CONTROL_EXPOSE_HEADERS
ACCESS_CONTROL_MAX_AGE
CACHE_CONTROL
CONTENT_DISPOSITION
CONTENT_TYPE
OTHER
P3P
PRAGMA

(Option Previously Named: standard_modify_header_name. Capitalized enum values, with underscore delimiters.)

• customHeaderName (string; allows variables): Specifies a custom field name that applies when the relevant standard header name is set to OTHER. (Option Previously Named: custom_header_name.)

• headerValue (string; allows variables): Specifies the existing value of the header to match. (Option Previously Named: header_value.)

• newHeaderValue (string; allows variables): With the action set to MODIFY, specifies the new HTTP header replacement value. (Option Previously Named: new_header_value.)

• regexHeaderMatch (string): When the action is REGEX, specifies a Perl-compatible regular expression to match within the header value. (Option Previously Named: regex_header_match.)

• regexHeaderReplace (string; allows variables): When the action is REGEX, specifies text that replaces the regexHeaderMatch pattern within the header value. (Option Previously Named: regex_header_replace.)

• matchMultiple (boolean): When enabled with the action set to REGEX, replaces all occurrences of the matched regular expression, otherwise only the first match if disabled. (Option Previously Named: match_multiple. Retyped as boolean.)

• avoidDuplicateHeaders (boolean): When enabled with the action set to MODIFY, prevents creation of more than one instance of a header. The last header clobbers others with the same name. This option affects the entire set of outgoing headers, and is not confined to the subset of regular expression matches. (Option Previously Named: multi_headers_avoidance. Retyped as boolean.)

• enabled (boolean): Enables NetSession DLM capabilities for this content. (Option Previously Named: netsession. Retyped as boolean.)

• enableDomain (boolean): … (Option Previously Named: enable_domain. Retyped as boolean.)

• enableDownloadManager (boolean): When enabled, launches files once they are fully downloaded. For example, specify this option to run an executable application. (Option Previously Named: enable_dlm. Retyped as boolean.)

• enableDownloadClients (boolean): When enabled, allows download clients to form a peer-to-peer network to reduce transmission time. (Option Previously Named: enable_download_clients. Retyped as boolean.)

• disableReporting (boolean): Disable download state reporting via HTTP beacon messages. Otherwise when enabled, you can view the state of each download by choosing Monitor⇒Download Analytics on the DLM client. (Option Previously Named: disable_reporting. Retyped as boolean.)

• resumeUrl (array of string values): Specify an alternate domain from which to resume a paused download. This generates a corresponding shortcut link on the end user’s desktop that disappears after the download is complete. (Option Previously Named: resume_url.)

• organizationName (string): The name of the organization that displays in the NetSession client DLM interface. (Option Previously Named: org_name.)

• supportUrl (string): A supporting link to the organizationName that displays in the NetSession client DLM interface. (Option Previously Named: support_url.)

• behavior (enum string): If set to TWO_TIER, assessment is either Excellent or Poor. If set to THREE_TIER, the assessment can also be Fair. (Changed 2tier enum value to TWO_TIER, and 3tier to THREE_TIER.)

• originType (enum string): Choose whether your content is retrieved from your own server (CUSTOMER), your NetStorage account (NET_STORAGE), any available Edge Load Balancing origin (EDGE_LOAD_BALANCING_ORIGIN_GROUP), a set of Application Load Balancer origins (APPLICATION_LOAD_BALANCER), or a SaaS dynamic origin (SAAS_DYNAMIC_ORIGIN) if SaaS acceleration is available on your contract. NetStorage is most appropriate for static content. (Option Previously Named: type. Capitalized enum values, with underscore delimiters. Changed elb_origin_group enum value to EDGE_LOAD_BALANCING_ORIGIN_GROUP.)

• netStorage (object): If the originType is NET_STORAGE, this option specifies the details of the netstorage server. For example:

  "netStorage": {
      "id"                 : "id_string",
      "name"               : "Example Downloads",
      "downloadDomainName" : "example.download.akamai.com",
      "cpCode"             : 12345
  }
  

  (Option Previously Named: netstorage.)

• originId (string): With the originType set to EDGE_LOAD_BALANCING_ORIGIN_GROUP, identifies the Edge Load Balancing origin. This must correspond to an edgeLoadBalancingOrigin behavior’s id attribute within the same property. (Option Previously Named: origin_id.)

• hostname (string; allows variables): With the originType set to CUSTOMER, this specifies the hostname or IPv4 address of your origin server, from which edge servers can retrieve your content.

• saasType (enum string): With originType set to SAAS_DYNAMIC_ORIGIN, specifies the part of the request that identifies this SaaS dynamic origin, either PATH, COOKIE, QUERY_STRING, or HOSTNAME. (Option Previously Named: saas_type. Capitalized enum values.)

• saasCnameEnabled (boolean): With saasType set to HOSTNAME, enabling this allows you to use a CNAME chain to determine the hostname for this SaaS dynamic origin. (Option Previously Named: saas_cname_enabled. Retyped as boolean.)

• saasCnameLevel (number): With saasType set to HOSTNAME and saasCnameEnabled on, specifies the desired number of hostnames to use in the CNAME chain, starting backwards from the edge server. (Option Previously Named: saas_cname_level.)

• saasCookie (string): With the originType set to SAAS_DYNAMIC_ORIGIN and the saasType set to COOKIE, this specifies the name of the cookie that identifies this SaaS dynamic origin. (Option Previously Named: saas_cookie.)

• saasQueryString (string): With the originType set to SAAS_DYNAMIC_ORIGIN and the saasType set to QUERY_STRING, this specifies the name of the query parameter that identifies this SaaS dynamic origin. (Option Previously Named: saas_query_string.)

• saasRegex (string): With the originType set to SAAS_DYNAMIC_ORIGIN, this specifies the Perl-compatible regular expression match that identifies this SaaS dynamic origin. (Option Previously Named: saas_regex.)

• saasReplace (string): Specifies replacement text for what saasRegex matches. (Option Previously Named: saas_replace.)

• saasSuffix (string): With the originType set to SAAS_DYNAMIC_ORIGIN, specifies the static part of the SaaS dynamic origin. (Option Previously Named: saas_suffix.)

• forwardHostHeader (enum string): When the originType is set to either CUSTOMER or SAAS_DYNAMIC_ORIGIN, this specifies which Host header to pass to the origin:

  • REQUEST_HOST_HEADER passes the original request’s header.
  • ORIGIN_HOSTNAME passes the current origin’s HOSTNAME.
  • CUSTOM passes the value of customForwardHostHeader. Use this option if you want requests handled by different properties to converge on the same cached object.

  (Option Previously Named: forwardhostheader. Capitalized enum values, with underscore delimiters.)

• customForwardHostHeader (string): With forwardHostHeader set to CUSTOM, this specifies the name of the custom host header the edge server should pass to the origin. (Option Previously Named: customforwardhostheader.)

• cacheKeyHostname (enum string): With the originType set to CUSTOM, this specifies the hostname to use when forming a cache key. Specify ORIGIN_HOSTNAME if your origin server’s responses do not depend on the hostname, otherwise specify REQUEST_HOST_HEADER when using a virtual server. (Option Previously Named: cachekeyhostname. Enum values now use underscore delimiters.)

• compress (boolean): Enables gzip compression for non-NetStorage origins. (Option Previously Named: compression. Retyped as boolean.)

• enableTrueClientIp (boolean): When enabled on non-NetStorage origins, allows you to send a custom header (the trueClientIpHeader) identifying the IP address of the immediate client connecting to the edge server. This may provide more useful information than the standard X-Forward-For header, which proxies may modify. (Option Previously Named: tcip_enabled. Retyped as boolean.)

• trueClientIpHeader (string): With enableTrueClientIp enabled, this specifies the name of the field that identifies the end client’s IP address, for example True-Client-IP. (Option Previously Named: tcip_header.)

• trueClientIpClientSetting (boolean): With enableTrueClientIp on along with this option, if a client sets the True-Client-IP header, the edge server allows it and passes the value to the origin. Otherwise the edge server removes it and sets the value itself. (Option Previously Named: tcip_allow_clients_to_set. Retyped as boolean.)

• verificationMode (enum string): For non-NetStorage origins, maximize security by controlling which certificates edge servers should trust, either PLATFORM_SETTINGS, THIRD_PARTY when your origin server references certain types of third-party hostname, or CUSTOM. The CUSTOM option only applies if the property is marked as secure. See Secure Property Requirements for guidance. Under some products, you may also need to enable the Secure Delivery - Customer Cert module. Contact your Akamai representative for details. (Option Previously Named: origin_cert_delegate. Capitalized enum values. Changed delegate enum value to PLATFORM_SETTINGS. Removed warn enum value.)

• originTlsChoice (enum string): For non-NetStorage origins, maximize security by controlling which TLS or SSL versions to use or fall back to when going forward to the origin. Setting the value to TLSV1_2, TLSV1_1, or TLSV1 enforces TLS versions 1.2, 1.1, or 1.0, respectively. Setting the value to DYNAMIC specifies the latest TLS version (1.2) and falls back to each previous version if necessary. Setting the value to SELECT allows you to use the originTlsSelectValues option below to add SSL 3.0 to a custom sequence to try. Contact your Akamai representative if you need help comparing TLS and SSL.

• originTlsSelectValues (array of string values): With originTlsChoice set to SELECT, this specifies a custom sequence of TLS and SSL protocols to try to use when going forward to origin, any of these values: TLSv1.2, TLSv1.1, TLSv1, and SSLv3. An additional DYNAMIC value specifies the highest TLS version the origin accepts.

• originSni (boolean): For non-NetStorage origins, enabling this adds a Server Name Indication (SNI) header in the SSL request sent to the origin, with the origin hostname as the value. Contact your Akamai representative for more information.

• customValidCnValues (array of string values): With verificationMode set to CUSTOM, specifies values to look for in the origin certificate’s Subject Alternate Name or Common Name fields. Specify {{Origin Hostname}} and {{Forward Host Header}} as variables in the order you want them to be evaluated. (Option Previously Named: origin_cert_valid_cn_other.)

• originCertsToHonor (enum string): With verificationMode set to CUSTOM, specifies whether to trust pinned origin server certificates (CUSTOM_CERTIFICATES), any certificate signed by an Akamai-managed authority set (STANDARD_CERTIFICATE_AUTHORITIES), or any certificate signed by a custom authority set you manage (CUSTOM_CERTIFICATE_AUTHORITIES). If set to COMBO, may rely on all three inputs. (Option Previously Named: origin_certs_to_honor. Capitalized enum values. Changed custom_cas enum value to CUSTOM_CERTIFICATE_AUTHORITIES, custom_certs to CUSTOM_CERTIFICATES, and standard_cas to STANDARD_CERTIFICATE_AUTHORITIES.)

• standardCertificateAuthorities (object): With originCertsToHonor set to either STANDARD_CERTIFICATE_AUTHORITIES or COMBO, specifies an array of Akamai-managed certificate names. Currently, the only allowed value is akamai-permissive. (Option Previously Named: origin_cert_standard_cas. Capitalized enum values.)

• customCertificateAuthorities (object): With originCertsToHonor set to either CUSTOM_CERTIFICATE_AUTHORITIES or COMBO, specifies an array of certification objects. Contact your Akamai representative for details on this object’s requirements. (Option Previously Named: origin_cert_custom_cas.)

• customCertificates (object): With originCertsToHonor set to either CUSTOM_CERTIFICATES or COMBO, specifies an array of certification objects. Contact your Akamai representative for details on this object’s requirements. (Option Previously Named: origin_cert_custom_certs.)

• httpPort (number): Specifies the port on your origin server to which edge servers should connect for HTTP requests, customarily 80. (Option Previously Named: http_port.)

• httpsPort (number): Specifies the port on your origin server to which edge servers should connect for secure HTTPS requests, customarily 443. This option only applies if the property is marked as secure. See Secure Property Requirements for guidance. (Option Previously Named: https_port.)

• enabled (boolean): Enables the persistent connections behavior. (Option Previously Named: status. Retyped as boolean.)

• timeout (duration string): Specifies the timeout period after which edge server closes the persistent connection with the client, 500 seconds by default.

• enabled (boolean): Enables persistent connections. (Option Previously Named: status. Retyped as boolean.)

• timeout (duration string): Specifies the timeout period after which edge server closes a persistent connection.

• enabled (boolean): When enabled, marks content as personally identifiable information (PII). (Option Previously Named: treat_as_pii. Retyped as boolean.)

• enabled (boolean): Enables the predictive prefetching behavior. (Option Previously Named: status. Retyped as boolean.)

• accuracyTarget (enum string): The level of prefetching, either LOW, MEDIUM, or HIGH. A higher level results in better client performance, but potentially greater load on the origin. (Option Previously Named: accuracy-target. Capitalized enum values. Changed med enum value to MEDIUM.)

• enabled (boolean): Applies prefetching behavior when enabled. (Option Previously Named: enabled. Retyped as boolean.)

• enabled (boolean): When enabled, allows matching content to prefetch when referenced on a requested parent page. (Option Previously Named: enabled. Retyped as boolean.)

• enabled (boolean): Enables the cache prefreshing behavior. (Retyped as boolean.)

• prefreshval (number within 0–99 range): Specifies when the prefresh occurs as a percentage of the TTL. For example, for an object whose cache has 10 minutes left to live, and an origin response that is routinely less than 30 seconds, a percentage of 95 prefreshes the content without unnecessarily increasing load on the origin.

• flv (boolean): Enables random seek optimization in FLV files. (Retyped as boolean.)

• mp4 (boolean): Enables random seek optimization in MP4 files. (Retyped as boolean.)

• maximumSize (string): With the mp4 option enabled, sets the maximum size of the MP4 file to optimize, expressed as a number suffixed with a unit string such as MB or GB. (Option Previously Named: max_size.)

• value (duration string): Specifies the read timeout necessary before failing with a 504 error. This value should never be zero. (Option Previously Named: timeout.)

• enabled (boolean): When enabled, activates real-use monitoring. (Option Previously Named: status. Retyped as boolean.)

• mobileDefaultChoice (enum string): When set to MOBILE, allows only a 302 response code. When set to DEFAULT, allows all other responseCode values. (Option Previously Named: mobile_default_choice. Capitalized enum values.)

• destinationProtocol (enum string): Choose the protocol for the redirect URL, either HTTP, HTTPS, or SAME_AS_REQUEST to pass through the original protocol. (Option Previously Named: destination_protocol. Capitalized enum values.)

• destinationHostname (enum string): Specify how to change the requested hostname, independently from the pathname:

  • SUBDOMAIN prepends a subdomain from the destinationHostSubdomain field.
  • SIBLING replaces the leftmost subdomain with the destinationHostSibling field.
  • OTHER specifies a static domain in the destinationHostnameOther field.
  • SAME_AS_REQUEST preserves the hostname unchanged.

  (Option Previously Named: destination_host. Capitalized enum values.)

• destinationHostSubdomain (string; allows variables): If destinationHostname is set to SUBDOMAIN, this specifies a subdomain to prepend to the current hostname. For example, a value of m changes www.example.com to m.www.example.com. (Option Previously Named: destination_host_subdomain.)

• destinationHostSibling (string; allows variables): If destinationHostname is set to SIBLING, this specifies the subdomain with which to replace to the current hostname’s leftmost subdomain. For example, a value of m changes www.example.com to m.example.com. (Option Previously Named: destination_host_sibling.)

• destinationHostnameOther (string; allows variables): If destinationHostname is set to OTHER, this specifies the full hostname with which to replace the current hostname. (Option Previously Named: destination_host_other.)

• destinationPath (enum string): Specify how to change the requested pathname, independently from the hostname:

  • PREFIX_REQUEST prepends a path with the destinationPathPrefix field. You also have the option to specify a suffix using destinationPathSuffix and destinationPathSuffixStatus.
  • OTHER replaces the current path with the destinationPathOther field.
  • SAME_AS_REQUEST preserves the current path unchanged.

  (Option Previously Named: destination_path. Capitalized enum values.)

• destinationPathPrefix (string; allows variables): When destinationPath is set to PREFIX_REQUEST, this prepends the current path. For example, a value of /prefix/path changes /example/index.html to /prefix/path/example/index.html. (Option Previously Named: destination_path_prefix.)

• destinationPathSuffixStatus (enum string): When destinationPath is set to PREFIX_REQUEST, this gives you the option of adding a suffix. Specify NO_SUFFIX if you want to preserve the end of the path unchanged. If you specify SUFFIX, the destinationPathSuffix provides the value. (Option Previously Named: destination_path_suffix_status. Capitalized enum values.)

• destinationPathSuffix (string; allows variables): When destinationPath is set to PREFIX_REQUEST and destinationPathSuffixStatus is set to SUFFIX, this specifies the suffix to append to the path. (Option Previously Named: destination_path_suffix.)

• destinationPathOther (string; allows variables): When destinationPath is set to PREFIX_REQUEST, this replaces the current path. (Option Previously Named: destination_path_other.)

• queryString (enum string): When set to APPEND, passes incoming query string parameters as part of the redirect URL. Otherwise set this to IGNORE. (Capitalized enum values.)

• responseCode (numeric enum): Specify the redirect’s response code: 301 (Moved Permanently), 302 (Found), 303 (See Other), or 307 (Temporary Redirect). (Retyped enum values as numeric.)

• enabled (boolean): Enables the redirect feature. (Option Previously Named: status. Retyped as boolean.)

• destination (string; allows variables): Specifies the redirect as a path expression starting with a / character relative to the current root, or as a fully qualified URL. Optionally inject variables, as in this example that refers to the original request’s filename: /path/to/{{builtin.AK_FILENAME}}.

• responseCode (numeric enum): Assigns the status code for the redirect response, either 301, 302, 303, or 307. (Retyped enum values as numeric.)

• enabled (boolean): Enables the referer-checking behavior. (Option Previously Named: status. Retyped as boolean.)

• strict (boolean): When enabled, excludes requests whose Referer header include a relative path, or that are missing a Referer. When disabled, only excludes requests whose Referer hostname is not part of the domains set. (Retyped as boolean.)

• domains (array of string values): Specifies the set of allowed domains. With allowChildren disabled, prefixing values with *. specifies domains for which subdomains are allowed. (Option Previously Named: domain.)

• allowChildren (boolean): When enabled, allows all subdomains for the domains set, just like adding a *. prefix to each. (Option Previously Named: allowchildren. Retyped as boolean.)

• parameters (array of string values): Specifies parameters to remove from the request. (Option Previously Named: removelist.)

• enabled (boolean): When enabled, removes the Vary header to ensure objects can be cached. (Option Previously Named: remove_vary. Retyped as boolean.)

• logHost (boolean): Log the Host header. (Option Previously Named: host_enabled. Retyped as boolean.)

• logReferer (boolean): Log the Referer header. (Option Previously Named: referer_enabled. Retyped as boolean.)

• logUserAgent (boolean): Log the User-Agent header. (Option Previously Named: useragent_enabled. Retyped as boolean.)

• logAcceptLanguage (boolean): Log the Accept-Language header. (Option Previously Named: acceptlang_enabled. Retyped as boolean.)

• logCookies (enum string): With a set of defined cookie names, specifies whether you want to log ALL or SOME cookies, or to turn OFF the feature to stop logging cookies. (Option Previously Named: cookie_mode. Capitalized enum values.)

• cookies (array of string values): With logCookies set to SOME, this specifies the set of cookies names whose values you want to log.

• enabled (boolean): Enables the Request Control Cloudlet.

• cloudletPolicy (object): Identifies the Cloudlet policy in an object featuring unique numeric id and descriptive string name members.

• enableBranded403 (boolean): If enabled, serves a branded 403 page for this Cloudlet instance.

• branded403StatusCode (numeric enum): Specifies the response status code for the branded deny action, either 200, 302, 403, or 503.

• netStorage (object): Specifies the NetStorage domain that contains the branded 403 page.

• branded403File (string): Specifies the full path of the branded 403 page, including the filename, but excluding the NetStorage CP code path component.

• branded403Url (string): Specifies the redirect URL for the branded deny action.

• brandedDenyCacheTtl (number within 5–30 range): Specifies the branded response page’s time to live in the cache, 5 minutes by default.

• statusCode (numeric enum): The HTTP status code to replace the existing one, any of the following:

100
101
102
103
122
200
201
202
203
204
205
206
207
226
300
301
302
303
304
305
306
307
308
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
422
423
424
425
426
428
429
431
444
449
450
499
500
501
502
503
504
505
506
507
509
510
511
598
599

(Option Previously Named: statuscode. Retyped enum values as numeric.)

• override206 (boolean): When enabled, allows any specified 200 success code to override a 206 partial-content code, in which case the response’s content length matches the requested range length. (Option Previously Named: enable206override. Retyped as boolean.)

• enabled (boolean): When enabled, allows you to set a response cookie. (Option Previously Named: status. Retyped as boolean.)

• cookieName (string; allows variables): Specifies the name of the cookie, which serves as a key to determine if the cookie is set. (Option Previously Named: name.)

• type (enum string): Assign either a UNIQUE value, or a FIXED one based on the value field. (Capitalized enum values.)

• value (string; allows variables): If the cookie type is FIXED, this specifies the cookie value.

• format (enum string): When the type of cookie is set to UNIQUE, set this to either APACHE or AKAMAI format. The latter format adds milliseconds to the date stamp. (Capitalized enum values.)

• defaultDomain (boolean): When enabled, uses the default domain value, otherwise the set specified in the domain field. (Retyped as boolean.)

• defaultPath (boolean): When enabled, uses the default path value, otherwise the set specified in the path field. (Retyped as boolean.)

• domain (string; allows variables): If the defaultDomain is disabled, this sets the domain for which the cookie is valid. For example, example.com makes the cookie valid for that hostname and all subdomains.

• path (string; allows variables): If the defaultPath is disabled, sets the path component for which the cookie is valid.

• expires (enum string): Sets various ways to specify when the cookie expires:

  • A value of NEVER lets the cookie persist indefinitely.
  • A value of ON_BROWSER_CLOSE limits the cookie to the duration of the session.
  • A value of DURATION requires a corresponding DURATION field value.
  • A value of FIXED_DATE requires a corresponding expirationDate field value.

  (Capitalized enum values.)

• expirationDate (ISO 8601 format date/time string): If expires is set to FIXED_DATE, this sets when the cookie expires as a UTC date and time. (Option Previously Named: expiration_date.)

• duration (duration string): If expires is set to DURATION, this sets the cookie’s lifetime.

• secure (boolean): When enabled, sets the cookie’s Secure flag to transmit it with HTTPS. (Retyped as boolean.)

• disableHtml (read-only string): Disables edge caching for HTML content. (Option Previously Named: html_disabled.)

• maximumSize (read-only string): Specifies a fixed maximum size of non-HTML content to cache. (Option Previously Named: maximum_size.)

• behavior (enum string): The action to perform on the path:

  • If set to PREPEND, specify the targetPathPrepend. For example, if set to /prefix/, /path1/page.html changes to /prefix/path1/page.html.

  • If set to REPLACE, specify the match and targetPath. For example, a match of /path1/ and a targetPath of /path1/path2/ changes /path1/page.html to /path1/path2/page.html.

  • If set to REGEX_REPLACE, specify the matchRegex and targetRegex. For example, specifying logo\\.(png|gif|jpe?g) and brand\$1 changes logo.png to brand.png.

  • If set to REWRITE, specify the targetUrl. For example, you can direct traffic to /error/restricted.html.

  • If set to REMOVE, specify the match. For example, a match of /path2/ changes /path1/path2/page.html to /path1/page.html.

  (Capitalized enum values, with underscore delimiters.)

• match (string): When behavior is REMOVE or REPLACE, specifies the part of the incoming path you’d like to remove or modify. (Option Previously Named: trigger.)

• matchRegex (string): When behavior is set to REGEX_REPLACE, specifies the Perl-compatible regular expression to replace with targetRegex. (Option Previously Named: triggerregex.)

• targetRegex (string; allows variables): When behavior is set to REGEX_REPLACE, this replaces whatever the matchRegex field matches, along with any captured sequences from \$1 through \$9. (Option Previously Named: targetregex.)

• targetPath (string; allows variables): When behavior is set to REPLACE, this path replaces whatever the match field matches in the incoming request’s path. (Option Previously Named: targetpath.)

• targetPathPrepend (string; allows variables): When behavior is set to PREPEND, specifies a path to prepend to the incoming request’s URL. (Option Previously Named: targetpathprepend.)

• targetUrl (string; allows variables): When behavior is set to REWRITE, specifies the full path to request from the origin. (Option Previously Named: targeturl.)

• matchMultiple (boolean): When enabled, replaces all potential matches rather than only the first. (Option Previously Named: match_multiple. Retyped as boolean.)

• keepQueryString (boolean): When enabled, retains the original path’s query parameters. (Option Previously Named: keepqs. Retyped as boolean.)

• applicationAction (enum string): Specifies the request component that identifies a SaaS application, either COOKIE, HOSTNAME, PATH, or QUERY_STRING. Setting it to DISABLED effectively ignores applications. (Option Previously Named: application_action. Capitalized enum values.)

• applicationCookie (string): With applicationAction set to COOKIE, this specifies the name of the cookie that identifies the application. (Option Previously Named: application_cookie.)

• applicationQueryString (string): With applicationAction set to QUERY_STRING, this names the query parameter that identifies the application. (Option Previously Named: application_query_string.)

• applicationCnameEnabled (boolean): With applicationAction set to HOSTNAME, enabling this allows you to identify applications using a CNAME chain rather than a single hostname. (Option Previously Named: application_cname_enabled. Retyped as boolean.)

• applicationCnameLevel (number): With applicationCnameEnabled on, this specifies the number of CNAMEs to use in the chain. (Option Previously Named: application_cname_level.)

• applicationRegex (string): Specifies a Perl-compatible regular expression with which to substitute the request’s application ID. (Option Previously Named: application_regex.)

• applicationReplace (string): Specifies a string to replace the request’s application ID matched by applicationRegex. (Option Previously Named: application_replace.)

• customerAction (enum string): Specifies the request component that identifies a SaaS customer, either COOKIE, HOSTNAME, PATH, or QUERY_STRING. Setting it to DISABLED effectively ignores customers. (Option Previously Named: customer_action. Capitalized enum values.)

• customerCookie (string): With customerAction set to COOKIE, this specifies the name of the cookie that identifies the customer. (Option Previously Named: customer_cookie.)

• customerQueryString (string): With customerAction set to QUERY_STRING, this names the query parameter that identifies the customer. (Option Previously Named: customer_query_string.)

• customerCnameEnabled (boolean): With customerAction set to HOSTNAME, enabling this allows you to identify customers using a CNAME chain rather than a single hostname. (Option Previously Named: customer_cname_enabled. Retyped as boolean.)

• customerCnameLevel (number): With customerCnameEnabled on, this specifies the number of CNAMEs to use in the chain. (Option Previously Named: customer_cname_level.)

• customerRegex (string): Specifies a Perl-compatible regular expression with which to substitute the request’s customer ID. (Option Previously Named: customer_regex.)

• customerReplace (string): Specifies a string to replace the request’s customer ID matched by customerRegex. (Option Previously Named: customer_replace.)

• usersAction (enum string): Specifies the request component that identifies a SaaS user, either COOKIE, HOSTNAME, PATH, or QUERY_STRING. Setting it to DISABLED effectively ignores users. (Option Previously Named: user_action. Capitalized enum values.)

• usersCookie (string): With usersAction set to COOKIE, this specifies the name of the cookie that identifies the user. (Option Previously Named: users_cookie.)

• usersQueryString (string): With usersAction set to QUERY_STRING, this names the query parameter that identifies the user. (Option Previously Named: users_query_string.)

• usersCnameEnabled (boolean): With usersAction set to HOSTNAME, enabling this allows you to identify users using a CNAME chain rather than a single hostname. (Option Previously Named: users_cname_enabled. Retyped as boolean.)

• usersCnameLevel (number): With userCnameEnabled on, this specifies the number of CNAMEs to use in the chain. (Option Previously Named: users_cname_level.)

• usersRegex (string): Specifies a Perl-compatible regular expression with which to substitute the request’s user ID. (Option Previously Named: users_regex.)

• usersReplace (string): Specifies a string to replace the request’s user ID matched by usersRegex. (Option Previously Named: users_replace.)

• enabled (boolean): Enables processing of POST requests. (Retyped as boolean.)

• start (ISO 8601 format date/time string): The UTC date and time when matching cached content is to expire.

• repeat (boolean): When enabled, invalidation recurs periodically from the start time based on the repeatInterval time. (Option Previously Named: repetition_enabled. Retyped as boolean.)

• repeatInterval (duration string): With repeat enabled, specifies how often to invalidate content from the start time, expressed in seconds. For example, an expiration set to midnight and an interval of 86400 seconds invalidates content once a day. Repeating intervals of less than 5 minutes are not allowed for NetStorage origins. (Option Previously Named: repeatinterval.)

• refreshMethod (enum string): Specifies how to invalidate the content. Setting it to INVALIDATE sends an If-Modified-Since request to the origin, re-caching the content only if it is fresher. Setting it to PURGE re-caches content regardless of its freshness, potentially creating more traffic at the origin. (Option Previously Named: refresh_method. Capitalized enum values.)

• enabled (boolean): Enables the segmented content protection behavior. (Option Previously Named: segmentedcontentprotectionswitch. Retyped as boolean.)

• key (string): Specifies the encryption key to use as a shared secret to validate tokens.

• useAdvanced (boolean): When enabled, allows you to specify advanced transitionKey and salt options. (Option Previously Named: show_advanced. Retyped as boolean.)

• transitionKey (string): An alternate encryption key to match along with the key field, allowing you to rotate keys with no down time.

• salt (string): Specifies a salt as input into the token for added security. This value must match the salt used in the token generation code.

• failureResponse (enum string): Either VERIFY_AND_DENY or VERIFY_ONLY. (Enum values now use underscore delimiters.)

• behavior (enum string): Set to either cached ON_DEMAND, or streaming LIVE. Only ON_DEMAND is allowed for NetStorage origins. (Capitalized enum values.)

• variableName (string): Specifies the predeclared root name of the variable to modify. When you declare a variable name such as VAR, its name is preprended with PMUSER_ and accessible in a user namespace, so that you invoke it in subsequent text fields within the rule tree as {{user.PMUSER_VAR}}. In deployed XML metadata, it appears as %(PMUSER_VAR).

• valueSource (enum string): Determines how you want to set the value: either GENERATE it, EXTRACT it from another value, or specify your own string EXPRESSION.

• variableValue (string; allows variables): With valueSource set to EXPRESSION, this directly specifies the value to assign to the variable. The expression may include a mix of static text and other variables, such as new_filename.{{builtin.AK_EXTENSION}} to embed a system variable.

• extractLocation (enum string): With valueSource set to EXTRACT, this specifies from where to get the value, either the CLIENT_CERTIFICATE, CLIENT_REQUEST_HEADER, COOKIE, EDGESCAPE (for location or network data), PATH_COMPONENT_NAME, PATH_COMPONENT_OFFSET, PATH_PARAMETER, or QUERY_STRING.

• certificateFieldName (enum string): With extractLocation set to CLIENT_CERTIFICATE, specifies the certificate’s content, either:

  • CONTENTS_DER: The entire DER-encoded certificate, expressed in hex.
  • CONTENTS_PEM: The PEM-formatted certificate encoded as a single line of base64 characters.
  • CONTENTS_PEM_NO_LABELS: Same as CONTENTS_PEM, but not including the certificate’s header and footer.
  • COUNT: The number of client certificates received.
  • FINGERPRINT_DYN: The hex-encoded fingerprint generated based on the SIGNATURE_ALGORITHM.
  • FINGERPRINT_MD5: The hex-encoded MD5 fingerprint.
  • FINGERPRINT_SHA1: The hex-encoded SHA1 fingerprint.
  • ISSUER_DN: The distinguished name field for the certificate’s issuer.
  • KEY_LENGTH: The size of the key in bits.
  • NOT_AFTER: The end of the time range, expressed in YYYY/MM/DD HH:MI:SS ZONE format, where the zone is optional.
  • NOT_BEFORE: The start of the time range, expressed in YYYY/MM/DD HH:MI:SS ZONE format, where the zone is optional.
  • SERIAL: The serial number, expressed in hex.
  • SIGNATURE_ALGORITHM: The algorithm used to generate the certificate’s signature.
  • SIGNATURE: The certificate’s signature, expressed in hex.
  • STATUS_MSG: A short message indicating the status of a certificate’s validation, such as ok or missing.
  • SUBJECT_DN: The distinguished name field for the user.
  • VERSION: The certificate’s X509 version number.

• headerName (string): With extractLocation set to CLIENT_REQUEST_HEADER, specifies the case-insensitive name of the HTTP header to extract.

• cookieName (string): With extractLocation set to COOKIE, specifies the name of the cookie to extract.

• locationId (enum string): With extractLocation set to EDGESCAPE, specifies the X-Akamai-Edgescape header’s field name. Possible values specify basic geolocation, various geographic standards, and information about the client’s network:

  • Two-letter CONTINENT, ISO–3166 COUNTRY_CODE or REGION_CODE, COUNTY, CITY, TIMEZONE, AREACODE, ZIP, LAT, and LONG.
  • ASNUM (Autonomous System Number), DMA (Designated Market Area), FIPS (Federal Information Processing System code), MSA (Metropolitan Statistical Area), and PMSA (Primary Metropolitan Statistical Area).
  • NETWORK (name), NETWORK_TYPE, or tiered level of THROUGHPUT.

  For details on EdgeScape header fields, see the EdgeScape User Guide.

• pathComponentOffset (string): With extractLocation set to PATH_COMPONENT_OFFSET, this specifies a portion of the path. The indexing starts from 1, so a value of /path/to/nested/filename.html and an offset of 1 yields path, and 3 yields nested. Negative indexes offset from the right, so -2 also yields nested.

• queryParameterName (string): With extractLocation set to QUERY_STRING, specifies the name of the query parameter from which to extract the value.

• generator (enum string): With valueSource set to GENERATE, this specifies the type of value to generate: either RAND for a random number, or HEXRAND for a random hex sequence.

• numberOfBytes (number within 1–16 range): With valueSource set to GENERATE and the generator set to HEXRAND, this specifies the number of random hex bytes to generate.

• minRandomNumber (string; allows variables): With valueSource set to GENERATE and the generator set to RAND, this specifies the lower bound of the random number.

• maxRandomNumber (string; allows variables): With valueSource set to GENERATE and the generator set to RAND, this specifies the upper bound of the random number.

• transform (enum string): Specifies a function to transform the value, either NONE for no transformation, or any from the following categories:

  • Arithmetic: ADD, SUBTRACT, MINUS (reverse sign), MULTIPLY, DIVIDE, and MODULO (get remainder).
  • Strings: SUBSTITUTE, LOWER, UPPER, SUBSTRING, STRING_INDEX (locate a substring), STRING_LENGTH, REMOVE_WHITESPACE, TRIM (surrounding whitespace), and EXTRACT_PARAM.
  • String conversions: HEX_ENCODE/HEX_DECODE, XML_ENCODE/XML_DECODE. URL_ENCODE/URL_DECODE/URL_DECODE_UNI (Unicode), NORMALIZE_PATH_WIN (convert Windows paths to Unix format and remove relative path syntax)
  • Bitwise operations: BITWISE_AND, BITWISE_OR, BITWISE_XOR, and BITWISE_NOT.
  • Numeric conversion: DECIMAL_TO_HEX, HEX_TO_DECIMAL.
  • Encoding/decoding: DECRYPT/ENCRYPT, BASE_64_ENCODE/BASE_64_DECODE.
  • Generate digests: SHA_1, SHA_256, MD5, a base64-encoded HMAC key, or a simple HASH integer.
  • Time formats: UTC_SECONDS (epoch time), EPOCH_TO_STRING, and STRING_TO_EPOCH.
  • Networking: NETMASK (apply a netmask to an IP address to specify the network’s available hosts).

  For more details on each transform function, see Set Variable: Transforms in Control Center.

• operandOne (string; allows variables): Specifies an additional operand when the transform function is set to various arithmetic functions (ADD, SUBTRACT MULTIPLY, DIVIDE, or MODULO) or bitwise functions (BITWISE_AND, BITWISE_OR, or BITWISE_XOR).

• algorithm (enum string): With the transform function set to either ENCRYPT or DECRYPT, this specifies the algorithm to apply, either ALG_AES128 or ALG_AES256 (Advanced Encryption Standard, 128 or 256 bits), or ALG_3DES (Triple DES).

• encryptionKey (string; allows variables): With the transform function set to either ENCRYPT or DECRYPT, this specifies the encryption hex key. For ALG_3DES it must be 48 characters long, 32 characters for ALG_AES128, and 64 characters for ALG_AES256.

• initializationVector (string): With the transform function set to either ENCRYPT or DECRYPT, specifies a one-time number as an initialization vector. It must be 15 characters long for ALG_3DES, and 32 characters for both ALG_AES128 and ALG_AES256.

• encryptionMode (enum string): With the transform function set to either ENCRYPT or DECRYPT, specifies either CBC (Cipher Block Chaining) or ECB (Electronic Codebook) encryption modes.

• nonce (string; allows variables): With the transform function set to either ENCRYPT or DECRYPT, specifies the one-time number used for encryption.

• prependBytes (boolean): With the transform function set to either ENCRYPT or DECRYPT, specifies a number of random bytes to prepend to the key.

• formatString (string): With the transform function set to either EPOCH_TO_STRING or STRING_TO_EPOCH, this specifies an optional format string for the conversion, using format codes such as %m/%d/%y as specified by strftime. A blank value defaults to RFC–2616 format.

• paramName (string; allows variables): With the transform function set to EXTRACT_PARAM, this extracts the value for the specified parameter name from a string that contains key/value pairs. (Use separator below to parse them.)

• separator (string): With the transform function set to EXTRACT_PARAM, this specifies the character that separates pairs of values within the string.

• min (number): With the transform function set to HASH, specifies a minimum value for the generated integer.

• max (number): With the transform function set to HASH, specifies a maximum value for the generated integer

• hmacKey (string): With the transform function set to HMAC, specifies the secret to use in generating the base64-encoded digest.

• hmacAlgorithm (enum string): With the transform function set to HMAC, specifies the algorithm to use to generate the base64-encoded digest, either MD5, SHA1, or SHA256.

• ipVersion (enum string): With the transform function set to NETMASK, this specifies the IP version under which a subnet mask generates, either IPV4 or IPV6.

• ipv6Prefix (number within 0–128 range): With the transform function set to NETMASK and the ipVersion set to IPV6, specifies the prefix of the IPV6 address, a value between 0 and 128.

• ipv4Prefix (number within 0–32 range): With the transform function set to NETMASK and the ipVersion set to IPV4, specifies the prefix of the IPV4 address, a value between 0 and 32.

• subString (string; allows variables): With the transform function set to STRING_INDEX, specifies a substring for which the returned value represents a zero-based offset of where it appears in the original string, or -1 if there’s no match.

• regex (string): With the transform function set to SUBSTITUTE, this specifies the regular expression pattern (PCRE) to match the value.

• replacement (string; allows variables): With the transform function set to SUBSTITUTE, this specifies the replacement string. Reinsert grouped items from the match into the replacement using $1, $2 … $n.

• caseSensitive (boolean): With the transform function set to SUBSTITUTE, enabling this makes all matches case sensitive.

• globalSubstitution (boolean): With the transform function set to SUBSTITUTE, enabling this replaces all matches in the string, not just the first.

• startIndex (string; allows variables): With the transform function set to SUBSTRING, specifies the zero-based character offset at the start of the substring. Negative indexes specify the offset from the end of the string.

• endIndex (string; allows variables): With the transform function set to SUBSTRING, specifies the zero-based character offset at the end of the substring. Negative indexes specify the offset from the end of the string.

• exceptChars (string): With the transform function set to URL_ENCODE, specifies characters not to encode, possibly overriding the default set.

• forceChars (string): With the transform function set to URL_ENCODE, specifies characters to encode, possibly overriding the default set.

• errorType (enum string): Specifies the type of error, any of the following:

ERR_CONNECT_FAIL
ERR_CONNECT_TIMEOUT
ERR_DNS_FAIL
ERR_DNS_IN_REGION
ERR_DNS_TIMEOUT
ERR_NO_GOOD_FWD_IP
ERR_READ_ERROR
ERR_READ_TIMEOUT
ERR_SUREROUTE_DNS_FAIL
ERR_WRITE_ERROR

(Option Previously Named: error_type. Capitalized enum values.)

• timeout (duration string): When the errorType is ERR_CONNECT_TIMEOUT, ERR_DNS_TIMEOUT, ERR_SUREROUTE_DNS_FAIL, or ERR_READ_TIMEOUT, generates an error after the specified amount of time from the initial request.

• ssmap (string): The hostname that identifies the SiteShield map, available from your Akamai representative.

• enabled (boolean): Allows the Content Policy API to dynamically modify content. (Option Previously Named: dynamicpolicy. Retyped as boolean.)

• origin (boolean): Allows you to set the origin host. (Retyped as boolean.)

• caching (boolean): Allows you to modify content caching rules. (Retyped as boolean.)

• referrer (boolean): Allows you to set the referrer whitelist or blacklist. (Retyped as boolean.)

• ip (boolean): Allows you to specify an IP whitelist or blacklist. (Retyped as boolean.)

• geoLocation (boolean): Allows you to specify a location-based whitelist or blacklist. (Option Previously Named: geo. Retyped as boolean.)

• refreshContent (boolean): Allows you to schedule when custom content is to revalidate. (Option Previously Named: contentrefresh. Retyped as boolean.)

• modifyPath (boolean): Allows you to modify the request path. (Option Previously Named: modifypath. Retyped as boolean.)

• cacheKey (boolean): Allows you to set which query parameters are included in the cache key. (Option Previously Named: cachekey. Retyped as boolean.)

• enabled (boolean): Enables the SureRoute behavior, to optimize delivery of non-cached content. (Option Previously Named: sr_enabled. Retyped as boolean.)

• type (enum string): Specifies the set of edge servers used to test routes, either the default PERFORMANCE or a CUSTOM_MAP that must be provided to you by Akamai Professional Services. (Option Previously Named: sr_type. Capitalized enum values, with underscore delimiters.)

• customMap (string): If type is CUSTOM_MAP, this specifies the map string provided to you by Akamai Professional Services, or included as part of the SiteShield product. (Option Previously Named: custom_map.)

• testObjectUrl (string): Specifies the path and filename for your origin’s test object to use in races to test routes.

  Akamai provides sample test objects for the Dynamic Site Accelerator and Web Application Accelerator products. If you want to use your own test object, it needs to be on the same origin server as the traffic being served through SureRoute. Make sure it returns a 200 HTTP response and does not require authentication. The file should be an average-sized static HTML file (Content-Type: text/html) that is no smaller than 8KB, with no back-end processing.

If you have more than one origin server deployed behind a load balancer, you can configure it to serve the test object directly on behalf of the origin, or route requests to the same origin server to avoid deploying the test object on each origin server. (Option Previously Named: sr_test_object_url.)

• toHostStatus (enum string): If set to INCOMING_HH, uses the incoming Host header when requesting the SureRoute test object. If set to OTHER, use toHost to specify a custom Host header. (Option Previously Named: sr_to_host_status. Capitalized enum values.)

• toHost (string): If toHostStatus is OTHER, this specifies the custom Host header to use when requesting the SureRoute test object. (Option Previously Named: sr_to_host.)

• raceStatTtl (duration string): Specifies the time-to-live to preserve SureRoute race results, typically 30m. If traffic exceeds a certain threshold after TTL expires, the overflow is routed directly to the origin, not necessarily optimally. If traffic remains under the threshold, the route is determined by the winner of the most recent race. (Option Previously Named: sr_race_stat_ttl.)

• forceSslForward (boolean): Forces SureRoute to use SSL when requesting the origin’s test object, appropriate if your origin does not respond to HTTP requests, or responds with a redirect to HTTPS. (Option Previously Named: sr_force_ssl_fw. Retyped as boolean.)

• enableCustomKey (boolean): When disabled, caches race results under the race destination’s hostname. If enabled, use customStatKey to specify a custom hostname. (Option Previously Named: sr_stat_key_mode. Retyped as boolean.)

• customStatKey (string): With enableCustomKey enabled, this specifies a hostname under which to cache race results. This may be useful when a property corresponds to many origin hostnames. By default, SureRoute would launch races for each origin, but consolidating under a single hostname runs only one race. (Option Previously Named: custom_stat_key.)

• enabled (boolean): When enabled, capture HTTPS requests and responses, and send the data to your IBM Tealeaf account.

• limitToDynamic (boolean): Limit traffic to dynamic, uncached (No-Store) content.

• ibmCustomerId (number): The integer identifier for the IBM Tealeaf Connector account.

• enabled (boolean): When enabled, activates tiered distribution. (Option Previously Named: status. Retyped as boolean.)

• tieredDistributionMap (enum string): Optionally map the tiered parent server’s location close to your origin: CHEU2 for Europe; CHAUS for Australia; CHAPAC for China and the Asian Pacific area; CHWUS2, CHCUS2, and CHEUS2 for different parts of the United States. Choose CH or CH2 for a more global map. A narrower local map minimizes the origin server’s load, and increases the likelihood the requested object is cached. A wider global map reduces end-user latency, but decreases the likelihood the requested object is in any given parent server’s cache. This option cannot apply if the property is marked as secure. See Secure Property Requirements for guidance. (Option Previously Named: tdmap. Capitalized enum values.)

• value (duration string): Specifies the timeout, for example 10s. (Option Previously Named: timeout.)

• enabled (boolean): Enables the ETag validation behavior. (Retyped as boolean.)

• useAdvanced (boolean): If enabled, allows you to specify advanced options such as algorithm, escapeHmacInputs, ignoreQueryString, transitionKey, and salt. (Option Previously Named: show_advanced. Retyped as boolean.)

• location (enum string): Specifies where to find the token in the incoming request, either CLIENT_REQUEST_HEADER, QUERY_STRING, or COOKIE. (Capitalized enum values.)

• locationId (string): When location is CLIENT_REQUEST_HEADER, specifies the name of the incoming request’s header where to find the token.

• algorithm (enum string): With useAdvanced enabled, specifies the algorithm that generates the token, either SHA256, SHA1, or MD5, in order of descending security. It must match the method chosen in the token generation code.

• escapeHmacInputs (boolean): With useAdvanced enabled, URL-escapes HMAC inputs passed in as query parameters. (Retyped as boolean.)

• ignoreQueryString (boolean): With useAdvanced enabled, enabling this removes the query string from the URL used to form an encryption key. (Retyped as boolean.)

• key (string): The shared secret used to validate tokens, which must match the key used in the token generation code.

• transitionKey (string): With useAdvanced enabled, specifies a transition key as a hex value.

• salt (string): With useAdvanced enabled, specifies a salt string for input when generating the token, which must match the salt value used in the token generation code.

• failureResponse (boolean): When enabled, sends an HTTP error when an authentication test fails. (Retyped as boolean.)

• enabled (boolean): Enables the Visitor Prioritization behavior.

• cloudletPolicy (object): Identifies the Cloudlet policy in an object featuring unique numeric id and descriptive string name members.

• label (string): Specify a suffix to add to the Cloudlet policy’s cookies, potentially useful to distinguish one policy from another within the same property.

• waitingRoomCookieDuration (number within 0–120 range): Specifies the duration of the Cloudlet’s cookie that holds users in the waiting room. (It sends users back to the waiting room if they refresh the waiting room page.)

• privilegedCookieDuration (number within 0–600 range): Specifies the duration of the privilege cookie, which bypasses Visitor Prioritization for subsequent requests once a user has been allowed through to the site.

• populationRefresh (boolean): If enabled, users receive a fresh cookie that matches the duration of the Allowed User Cookie. Disable to set a fixed cookie time.

• waitingRoomStatusCode (number): Specifies the response code for requests sent to the waiting room, either 200 or 503.

• waitingRoomUseCpCode (boolean): When enabled, allows you to assign a different CP code that tracks any requests that are sent to the waiting room.

• waitingRoomCpCode (object): With waitingRoomUseCpCode enabled, specifies a cpcode object for requests sent to the waiting room, including a numeric id key and a descriptive name:

  "waitingRoomCpCode": {
      "id"   : 12345,
      "name" : "sent to waiting room"
  }
  

• waitingRoomNetStorage (object): Specifies the NetStorage domain for the waiting room page. For example:

  "waitingRoomNetStorage": {
      "id"                 : "id_string",
      "name"               : "Example Downloads",
      "downloadDomainName" : "example.download.akamai.com",
      "cpCode"             : 12345
  }
  

• waitingRoomDirectory (string): Specifies the NetStorage directory that contains the static waiting room page, with no trailing slash character.

• waitingRoomCacheTtl (number within 5–30 range): Specifies the waiting room page’s time to live in the cache, 5 minutes by default.

• token (string): Specifies the string token.

• imageUrl (string): Specifies the URL for the watermark image. (Option Previously Named: image_url.)

• firewallConfiguration (object): An object featuring details about your firewall configuration, for example:

  "firewallConfiguration": {
      "configId"          : 1,
      "productionStatus"  : "Active",
      "productionVersion" : 1,
      "stagingStatus"     : "Active",
      "stagingVersion"    : 1
  }
  

  (Option Previously Named: wafconfig.)

• enabled (boolean): Enables the WebDAV behavior. (Option Previously Named: status. Retyped as boolean.)

• enabled (boolean): Enables WebSocket traffic.

• percentage (number within 0–100 range): Specifies the percentage of SPDY requests to match. (Option Previously Named: bucket.)

• matchOperator (enum string): When set to IS, matches the value. If set to IS_NOT, reverses the match so that the cache state does not match the specified value. (Option Previously Named: result. Retyped boolean as enumeration.)

• value (enum string): Content’s cache is enabled (CACHEABLE) or not (NO_STORE), or else is ignored (BYPASS_CACHE). (Capitalized enum values, with underscore delimiters.)

• matchOperator (enum string): Matches the contents of values if set to IS_ONE_OF, otherwise IS_NOT_ONE_OF reverses the match. (Option Previously Named: result. Changed boolean to enumerated IS_ONE_OF/IS_NOT_ONE_OF values.)

• values (array of string values): IP or CIDR block, for example: 71.92.0.0/14. (Option Previously Named: value.)

• useHeaders (boolean): When connecting via a proxy server as determined by the X-Forwarded-For header, enabling this option matches the connecting client’s IP address rather than the original end client specified in the header. (Option Previously Named: use-headers. Retyped as boolean.)

• value (enum string): The IP version of the client request, either IPV4 or IPV6. (Renamed enumerated 4 and 6 values to IPV4 and IPV6.)

• useXForwardedFor (boolean): When connecting via a proxy server as determined by the X-Forwarded-For header, enabling this option matches the connecting client’s IP address rather than the original end client specified in the header. (Option Previously Named: use-headers. Retyped as boolean.)

• originId (string): The Cloudlets Origins identifier, limited to alphanumeric and underscore characters.

• matchOperator (enum string): Matches the specified network if set to IS, otherwise IS_NOT reverses the match.. (Option Previously Named: result. Renamed enumerated true/false values to IS/IS_NOT.)

• network (enum string): Match requests served from either the PRODUCTION or STAGING network. (Capitalized enum values. Renamed the enumerated use-staging value to STAGING.)

• matchOperator (enum string): Matches any Content-Type among specified values when set to IS_ONE_OF, otherwise IS_NOT_ONE_OF reverses the match. (Option Previously Named: result. Changed boolean to enumerated IS_ONE_OF/IS_NOT_ONE_OF values.)

• values (array of string values): Content-Type response header value, for example text/html. (Option Previously Named: value.)

• matchWildcard (boolean): When enabled, allows * and ? wildcard matches among the values, so that specifying text/* matches both text/html and text/css. (Option Previously Named: value-wildcard. Retyped as boolean.)

• matchCaseSensitive (boolean): When enabled, the match is case-sensitive for all values. (Option Previously Named: value-case. Retyped as boolean.)

• characteristic (enum string): Aspect of the device or browser to match. The following values are boolean:

  • ACCEPT_THIRD_PARTY_COOKIE
  • AJAX_SUPPORT_JAVASCRIPT
  • COOKIE_SUPPORT
  • DUAL_ORIENTATION (whether the display adapts to portrait/landscape orientation)
  • FULL_FLASH_SUPPORT
  • GIF_ANIMATED
  • IS_MOBILE
  • IS_TABLET (subset of IS_MOBILE)
  • IS_WIRELESS_DEVICE

  The following are numeric values:

  • PHYSICAL_SCREEN_HEIGHT (millimeters)
  • PHYSICAL_SCREEN_WIDTH (millimeters)
  • RESOLUTION_HEIGHT (pixels)
  • RESOLUTION_WIDTH (pixels)
  • XHTML_SUPPORT_LEVEL

  The following are version string values:

  • DEVICE_OS_VERSION
  • MOBILE_BROWSER_VERSION

  The following are string values:

  • BRAND_NAME (such as Samsung or Apple)
  • DEVICE_OS
  • MARKETING_NAME (such as Samsung Illusion)
  • MOBILE_BROWSER
  • MODEL_NAME (such as SCH-I110)

  (Capitalized enum values. Corrected the full_flash_support enum value, which is now FULL_FLASH_SUPPORT.)

• stringMatchOperator (enum string): When the characteristic expects a string value, set this to MATCHES_ONE_OF to match against the stringValue set, otherwise set to DOES_NOT_MATCH_ONE_OF to exclude that set of values. (Option Previously Named: op-string. Retyped as boolean.)

• numericMatchOperator (enum string): When the characteristic expects a numeric value, compares the specified numericValue against the matched client, using the following operators: IS, IS_MORE_THAN_OR_EQUAL, IS_MORE_THAN, IS_LESS_THAN_OR_EQUAL, IS_LESS_THAN, IS_NOT. (Option Previously Named: op-number. Changed EQUAL enum value to IS, GREATER_EQUAL to IS_MORE_THAN_OR_EQUAL, GREATER_THAN to IS_MORE_THAN, LESS_EQUAL to IS_LESS_THAN_OR_EQUAL, LESS_THAN to IS_LESS_THAN, and NOT_EQUAL to IS_NOT.)

• versionMatchOperator (enum string): When the characteristic expects a version string value, compares the specified versionValue against the matched client, using the following operators: IS, IS_MORE_THAN_OR_EQUAL, IS_MORE_THAN, IS_LESS_THAN_OR_EQUAL, IS_LESS_THAN, IS_NOT. (Option Previously Named: op-version. Changed VERSION_EQUAL enum value to IS, VERSION_NOT_EQUAL to IS_NOT, VERSION_GREATER_THAN to IS_MORE_THAN, VERSION_LESS_EQUAL to IS_LESS_THAN_OR_EQUAL, VERSION_LESS_THAN to IS_LESS_THAN, and VERSION_NOT_EQUAL to IS_NOT.)

• booleanValue (boolean): When the characteristic expects a boolean value, this specifies the value. (Option Previously Named: value-boolean. Retyped as boolean.)

• stringValue (array of string values): When the characteristic expects a string, this specifies the set of values. (Option Previously Named: value-string.)

• numericValue (number): When the characteristic expects a numeric value, this specifies the number. (Option Previously Named: value-number.)

• versionValue (string): When the characteristic expects a version number, this specifies it as a string. (Option Previously Named: value-version.)

• matchCaseSensitive (boolean): When enabled, the match is case-sensitive for the stringValue field. (Option Previously Named: value-case. Retyped as boolean.)

• matchWildcard (boolean): When enabled, allows * and ? wildcard matches in the stringValue field. (Option Previously Named: value-wildcard. Retyped as boolean.)

• matchOperator (enum string): Matches the contents of values if set to IS_ONE_OF, otherwise IS_NOT_ONE_OF reverses the match. (Option Previously Named: result. Changed boolean to enumerated IS_ONE_OF/IS_NOT_ONE_OF values.)

• values (array of string values): An array of file extension strings, with no leading dot characters, for example png, jpg, jpeg, and gif. (Option Previously Named: value.)

• matchCaseSensitive (boolean): When enabled, the match is case-sensitive. (Option Previously Named: case. Retyped as boolean.)

• matchOperator (enum string): If set to IS_ONE_OF or IS_NOT_ONE_OF, matches whether the value matches. If set to IS_EMPTY or IS_NOT_EMPTY, matches whether the specified filename is part of the path. (Option Previously Named: result. Renamed enumerated true/false values to IS_ONE_OF/IS_NOT_ONE_OF, and renamed empty/not_empty to IS_EMPTY/IS_NOT_EMPTY.)

• values (array of string values): Matches the filename component of the request URL. Wildcards are allowed, where ? matches a single character and * matches more than one. For example, specify filename.* to accept any extension. (Option Previously Named: value.)

• matchCaseSensitive (boolean): When enabled, the match is case-sensitive for the value field. (Option Previously Named: case. Retyped as boolean.)

• matchOperator (enum string): Matches the contents of values when set to IS_ONE_OF, otherwise IS_NOT_ONE_OF reverses the match. (Option Previously Named: result. Changed boolean to enumerated IS_ONE_OF/IS_NOT_ONE_OF values.)

• values (array of string values): A list of hostnames. Wildcards match, so *.example.com matches both m.example.com and www.example.com. (Option Previously Named: host.)

• description (string): A human-readable description of what the XML block does.

• openXml (string): An XML string that opens the relevant block. (Option Previously Named: open_xml.)

• closeXml (string): An XML string that closes the relevant block. (Option Previously Named: close_xml.)

• value (object): Specifies an object that encodes the matching value, including an id key and a descriptive name:

  "value": {
      "id"   : 12345,
      "name" : "my cpcode"
  }
  

  (Option Previously Named: cpcode.)

• matchOperator (enum string): Matches the contents of values if set to IS_ONE_OF, otherwise IS_NOT_ONE_OF reverses the match. If set to IS_BETWEEN, matches the numeric range between lowerBound and upperBound, otherwise IS_NOT_BETWEEN reverses the match. (Option Previously Named: result. Changed boolean to enumerated IS_ONE_OF/IS_NOT_ONE_OF values.)

• values (array of string values): A set of response codes to match, for example ["404","500"]. (Option Previously Named: value.)

• lowerBound (number): Specifies the start of a range of responses when matchOperator is either IS_BETWEEN or IS_NOT_BETWEEN. For example, 400 to match anything from 400 to 500. (Option Previously Named: range-start-value.)

• upperBound (number): Specifies the end of a range of responses when matchOperator is either IS_BETWEEN or IS_NOT_BETWEEN. For example, 500 to match anything from 400 to 500. (Option Previously Named: range-end-value.)

• variableName (string): The name of the variable to match.

• matchOperator (enum string): The type of match, based on which you use different options to specify the match criteria.

  • If set to IS or IS_NOT, specify a single variableExpression string.
  • If set to IS_ONE_OF or IS_NOT_ONE_OF, specify an array of string variableValues.
  • If set to IS_BETWEEN or IS_NOT_BETWEEN, specify a range between numeric lowerBound and upperBound values.
  • If set to IS_EMPTY or IS_NOT_EMPTY, no other option is required. These check if a defined variable contains a value. You can’t activate a rule that matches an undefined variable.

  (Option Previously Named: mode.)

• variableValues (array of string values): With matchOperator set to either IS_ONE_OF or IS_NOT_ONE_OF, specifies an array of matching strings.

• variableExpression (string; allows variables): With matchOperator set to either IS or IS_NOT, specifies a single matching string.

• lowerBound (string; allows variables): With matchOperator set to either IS_BETWEEN or IS_NOT_BETWEEN, specifies the range’s numeric minimum value.

• upperBound (string; allows variables): With matchOperator set to either IS_BETWEEN or IS_NOT_BETWEEN, specifies the range’s numeric maximum value.

• matchWildcard (boolean): When matching string expressions, enabling this matches wildcard metacharacters such as * and ?. (Option Previously Named: valueWildcard.)

• matchCaseSensitive (boolean): When matching string expressions, enabling this performs a case-sensitive match. (Option Previously Named: valueCase.)

• matchOperator (enum string): Specifies a single required ORIGIN_TIMED_OUT value. (Option Previously Named: result. Renamed the true enumerated value to ORIGIN_TIMED_OUT.)

• matchOperator (enum string): Matches the contents of values when set to MATCHES_ONE_OF, otherwise DOES_NOT_MATCH_ONE_OF reverses the match. (Option Previously Named: result. Renamed enumerated true/false values to MATCHES_ONE_OF/DOES_NOT_MATCH_ONE_OF.)

• values (array of string values): Matches the URL path, excluding leading hostname and trailing query parameters. The path is relative to the server root, for example /blog. The value accepts * or ? wildcard characters, for example /blog/*/2014. (Option Previously Named: value.)

• matchCaseSensitive (boolean): When enabled, the match is case-sensitive. (Option Previously Named: case. Retyped as boolean.)

• parameterName (string): The name of the query field, for example, q in ?q=string. (Option Previously Named: name.)

• matchOperator (enum string): Narrows the match according to the following criteria:

  • EXISTS or DOES_NOT_EXIST tests whether the query field’s parameterName is present in the requesting URL.
  • IS_ONE_OF or IS_NOT_ONE_OF tests whether the field’s value string matches.
  • IS_LESS_THAN or IS_MORE_THAN matches ranges when the value is numeric.
  • IS_BETWEEN also matches numeric ranges, but considers lowerBound and upperBound fields rather than value.

  (Option Previously Named: result. Capitalized enum values, with underscore delimiters. Changed enumerated true/false values to IS_ONE_OF/IS_NOT_ONE_OF, and changed doesntexist to DOES_NOT_EXIST.)

• values (array of string values): The value of the query field, for example, string in ?q=string. (Option Previously Named: value.)

• lowerBound (number): When the value is numeric and the matchOperator is set to IS_BETWEEN, this field specifies the match’s minimum value. (Option Previously Named: lowerbound.)

• upperBound (number): When the value is numeric and the matchOperator is set to IS_BETWEEN, this field specifies the match’s maximum value. (Option Previously Named: upperbound.)

• matchWildcardName (boolean): When enabled, allows * and ? wildcard matches in the parameterName field. (Option Previously Named: name-wildcard. Retyped as boolean.)

• matchCaseSensitiveName (boolean): When enabled, the match is case-sensitive for the parameterName field. (Option Previously Named: name-case. Retyped as boolean.)

• matchWildcardValue (boolean): When enabled, allows * and ? wildcard matches in the value field. (Option Previously Named: value-wildcard. Retyped as boolean.)

• matchCaseSensitiveValue (boolean): When enabled, the match is case-sensitive for the value field. (Option Previously Named: value-case. Retyped as boolean.)

• escapeValue (boolean): When enabled, matches when the value is URL-escaped. (Option Previously Named: value-escape. Retyped as boolean.)

• bucket (number within 0–100 range): Specify a percentage of random requests to which to apply a behavior. Any remainders do not match.

• cookieName (string): The name of the cookie, for example, visitor in visitor:anon. (Option Previously Named: name.)

• matchOperator (enum string): Narrows the match according to the following criteria:

  • EXISTS or DOES_NOT_EXIST tests whether the cookie cookieName exists.
  • IS or IS_NOT tests whether the field’s value string matches.
  • IS_BETWEEN tests whether a numeric cookie value falls between lowerBound and upperBound.

  (Option Previously Named: result. Capitalized enum values, with underscore delimiters. Changed enumerated true/false values to IS_ONE_OF/IS_NOT_ONE_OF, and changed doesntexist to DOES_NOT_EXIST.)

• value (string): The cookie’s value, for example, anon in visitor:anon.

• lowerBound (number): When the value is numeric and the matchOperator is set to IS_BETWEEN, this field specifies the match’s minimum value. (Option Previously Named: lower.)

• upperBound (number): When the value is numeric and the matchOperator is set to IS_BETWEEN, this field specifies the match’s maximum value. (Option Previously Named: upper.)

• matchWildcardName (boolean): When enabled, allows * and ? wildcard matches in the cookieName field. (Option Previously Named: name-wildcard. Retyped as boolean.)

• matchCaseSensitiveName (boolean): When enabled, the match is case-sensitive for the cookieName field. (Option Previously Named: name-case. Retyped as boolean.)

• matchWildcardValue (boolean): When enabled, allows * and ? wildcard matches in the value field. (Option Previously Named: value-wildcard. Retyped as boolean.)

• matchCaseSensitiveValue (boolean): When enabled, the match is case-sensitive for the value field. (Option Previously Named: value-case. Retyped as boolean.)

• headerName (string): The name of the request header, for example Accept-Language. (Option Previously Named: name.)

• matchOperator (enum string): Narrows the match according to the following criteria:

  • EXISTS or DOES_NOT_EXIST tests whether the field headerName exists.
  • IS_ONE_OF or IS_NOT_ONE_OF tests whether the field’s value string matches.

  (Option Previously Named: result. Capitalized enum values. Changed enumerated true/false values to IS_ONE_OF/IS_NOT_ONE_OF, and changed doesntexist to DOES_NOT_EXIST.)

• values (array of string values): The request header’s value, for example en-US when the header headerName is Accept-Language. (Option Previously Named: value.)

• matchWildcardName (boolean): When enabled, allows * and ? wildcard matches in the headerName field. (Option Previously Named: name-wildcard. Retyped as boolean.)

• matchWildcardValue (boolean): When enabled, allows * and ? wildcard matches in the value field. (Option Previously Named: value-wildcard. Retyped as boolean.)

• matchCaseSensitiveValue (boolean): When enabled, the match is case-sensitive for the value field. (Option Previously Named: value-case. Retyped as boolean.)