etc.clientlibs giving 404, but we can't allow it in dispatcher | Community
Skip to main content
S
SushmaNa1
April 17, 2025
Solved

etc.clientlibs giving 404, but we can't allow it in dispatcher

  • April 17, 2025
  • 3 replies
  • 559 views

Hi All, 

 

 

etc.clientlibs is giving 404 in Dispatcher. We can not allow the path in dispatcher due to security reasons. can anyone recommend other alternatives to include OOTB css. 

 

We have our custom css in etc/designs in AEM 6.5. 

 

 

Thanks In Advance.

Best answer by konstantyn_diachenko

Hi @sushmana1 ,

 

The /etc.clientlibs/ is a proxy servlet that allows to get clientlibs located in the protected areas like /apps. In this case, cq:ClientLibraryFolder has to have allowProxy=true property. I would recommend to allow loading clientlibs through /etc.clientlibs.

 

Do you have clientlibrary defined under /etc/designs? Is this path allowed in your dispatcher configuration? If yes, please check for allowProxy property in the clientlibrary definition. If you don't want to load clientlibs via /etc.clientlibs/ and it's publicly accessible through the dispatcher, you need to set allowProxy=false.

 

Best regards,

Kostiantyn Diachenko.

 

 

 

 

3 replies

konstantyn_diachenko
Community Advisor
konstantyn_diachenkoCommunity AdvisorAccepted solution
Community Advisor
April 17, 2025

Hi @sushmana1 ,

 

The /etc.clientlibs/ is a proxy servlet that allows to get clientlibs located in the protected areas like /apps. In this case, cq:ClientLibraryFolder has to have allowProxy=true property. I would recommend to allow loading clientlibs through /etc.clientlibs.

 

Do you have clientlibrary defined under /etc/designs? Is this path allowed in your dispatcher configuration? If yes, please check for allowProxy property in the clientlibrary definition. If you don't want to load clientlibs via /etc.clientlibs/ and it's publicly accessible through the dispatcher, you need to set allowProxy=false.

 

Best regards,

Kostiantyn Diachenko.

 

 

 

 

Kostiantyn Diachenko, Community Advisor, Certified Senior AEM Developer, creator of free AEM VLT Tool, maintainer of AEM Tools plugin.
    Shashi_Mulugu
    Community Advisor
    Shashi_MuluguCommunity Advisor
    Community Advisor
    April 18, 2025

    @sushmana1 /etc.clientlibs/ is adobe recommended way of accessing clientlibs. Can you please explain what security issues you are facing if we allow it? Also please move any clientlibs from /etc/designs to /apps/ as per AEM 6.5 repo restructuring recommendation by Adobe.

      Asutosh_Jena_
      Community Advisor
      Asutosh_Jena_Community Advisor
      Community Advisor
      April 18, 2025

      Hi @sushmana1 

      In order for the client libraries under /apps to be accessible, a proxy servelt is used. The ACLs are still enforced on the client library folder, but the servlet allows for the content to be read via /etc.clientlibs/ if the allowProxy property is set to true.

      If you have a clientlib in /apps/myproject/clientlibs/foo, the allowProxy property lets you request the clientlib via /etc.clientlibs/myprojects/clientlibs/foo.js or foo.css

      In your dispatcher filter configuration, you must have the below rule which will ensure the proxy path is allowed.

      Please move all your custom designs from /etc/designs under /apps with your project specific folders.

      # Enable clientlibs proxy servlet
      /0012 { /type "allow" /method "GET" /url "/etc.clientlibs/*" }

      With this there should not be any security concerns. If there are any other use case do let us know.

        Terms & ConditionsAccessibility statement

        Loading footer...