From d3a7b56e80f2802758fc0655f71d969e9ec4f4fd Mon Sep 17 00:00:00 2001
From: wangmoyang <wangmoyang@dcloud.io>
Date: Fri, 10 Mar 2023 12:00:39 +0800
Subject: [PATCH] update: cdn-security-policy

---
 docs/uniCloud/_sidebar.md            | 1 +
 docs/uniCloud/cdn-security-policy.md | 8 +++++++-
 docs/uniCloud/hosting.md             | 4 ++++
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/docs/uniCloud/_sidebar.md b/docs/uniCloud/_sidebar.md
index 143765e02..7f1253da9 100644
--- a/docs/uniCloud/_sidebar.md
+++ b/docs/uniCloud/_sidebar.md
@@ -44,6 +44,7 @@
   * [云存储API](storage.md)
   * [腾讯云自定义登录](authentication.md)
   * [腾讯云权限管理](policy-tcb.md)
+  * [阿里云CDN安全策略](cdn-security-policy.md)
 * uni-id用户体系
   * [综述](uni-id-summary.md)
   * [uni-id-pages](uni-id-pages.md)
diff --git a/docs/uniCloud/cdn-security-policy.md b/docs/uniCloud/cdn-security-policy.md
index c716bb593..7dfd16445 100644
--- a/docs/uniCloud/cdn-security-policy.md
+++ b/docs/uniCloud/cdn-security-policy.md
@@ -1,6 +1,6 @@
 ## CDN安全策略
 
-> 阿里云服务空间支持
+> 本功能仅阿里云服务空间支持
 
 ## 简介
 
@@ -61,6 +61,12 @@ Referer防盗链，是基于HTTP请求头中Referer字段来设置访问控制
 |百度    | https://smartapps.cn | 
 |支付宝    | https://你的appid.hybrid.alipay-eco.com | 
 
+### App中Referer防盗链现状
+
+App中请求资源时的referer为空，目前不支持指定。如果已设置黑/白名单则在App中无法访问资源。
+
+如需支持App访问，需要开启高级配置中的`允许通过浏览器地址栏直接访问资源URL`，即允许空Referer访问CDN资源。此时空Referer及命中黑/白名单规则的请求可正常访问资源，不过CDN安全性会有一定降低。
+
 
 ## IP黑/白名单@ip
 
diff --git a/docs/uniCloud/hosting.md b/docs/uniCloud/hosting.md
index 63118ef45..cfb5e3f47 100644
--- a/docs/uniCloud/hosting.md
+++ b/docs/uniCloud/hosting.md
@@ -307,3 +307,7 @@ uni-app项目根据路由模式不同需要做不同的配置
 - 前端网页部署限制为最大存储空间用量2GB
 - 单文件最大限制为50MB
 
+
+## 阿里云CDN安全策略
+
+阿里云前端网页托管在绑定自定义域名后，支持配置CDN安全策略：[https://uniapp.dcloud.net.cn/uniCloud/cdn-security-policy.html](uniCloud/cdn-security-policy.md)
-- 
GitLab