Sling.servlet.paths and Dispatcher Security concerns

Forum|Forum|10 years ago
October 16, 2015
2 replies
1180 views

Hello,

I am wondering if someone could point me in the right direction wrt the usage of sling.servlet.paths , via dispatcher.

I have a form post to a servlet and in the servlet i have the sling.servlet.paths = /apps/../../ . now via dispatcher i am forced to allow the POST to the path apps/../..

Is there any security concern here providing the below rule.

/0208 { /type "allow" /glob "POST /apps/test/community/test*" },

Regards,

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Best answer by kaushalmall

Best practice is to use /bin/path/to/servlet.

K

kaushalmall

Accepted solution

Adobe Employee

Best practice is to use /bin/path/to/servlet.

N

NitroHazeDevAuthor

Level 9

kaushal_mall wrote...

Best practice is to use /bin/path/to/servlet.

Thank you Kaushal

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded