♥, 军军2017-09-22 11:03:55
Generally speaking, to prevent theft and enable anti-leeching, putting the authentication on the CDN will reduce the storage pressure on the Qiniu source station. If it is a static image of the website, it cannot be said to be a token that is valid for one hour. In this way, the expiration time is very short. In view of the difficulties encountered by the poster, I personally recommend binding a custom domain name and configuring the referer to prevent hotlinking, so that it can only be opened on your own web page. If you feel that there is still a risk of fraud on the page, you can submit a work order to https://support.qiniu.com/ to apply for anti-attack policy configuration.
