Adobe Experience Manager Forms

still same issue, kindly find the below filter detailes:

# Deny everything first and then allow specific entries
/0001 { /type "deny" /glob "*" }
/0002 { /type "allow" /method "POST" /url "/content/[.]*.form.html" }
/0003 { /type "allow" /glob "GET /libs/granite/csrf/token.json*" }
# Open consoles
/0011 { /type "allow" /url "/admin/*" } # allow servlet engine admin
/0012 { /type "allow" /url "/crx/*" } # allow content repository
/0013 { /type "allow" /url "/system/*" } # allow OSGi console

# Allow non-public content directories
/0021 { /type "allow" /url "/apps/*" } # allow apps access
/0022 { /type "allow" /url "/bin/*" }
/0023 { /type "allow" /url "/content*" } # disable this rule to allow mapped content only

/0024 { /type "allow" /url "/libs/*" }
/0025 { /type "deny" /url "/libs/shindig/proxy*" } # if you enable /libs close access to proxy

/0026 { /type "allow" /url "/home/*" }
/0027 { /type "allow" /url "/tmp/*" }
/0028 { /type "allow" /url "/var/*" }
/0029 { /type "allow" /url "/etc/*" }
/0030 { /type "allow" /url "/etc.clientlibs/*" }
/0031 { /type "allow" /url "/content/*" }
/0032 { /type "allow" /url "/libs/granite/csrf/token.json" }
/0033 { /type "allow" /glob "* /bin/xfaforms/submitaction*" } # to enable AEM Forms submission

What about the second point?

Configure the referrer filter service:

Log in to the Apache Felix configuration manager as an administrator. The Default URL of the configuration manager is https://[server]:[port_number]/system/console/configMgr. In the Configurations menu, select the Apache Sling Referrer Filter option. In the Allow Hosts field, enter host name of the dispatcher to allow it as a referrer and click Save. The format of the entry is https://[server]:[port].

The format of the entry is https://[server]:[port]. this is for allow hosts field ? 

You have not enabled the POST method. Can you enable it and try again?

same issue

What is your dispatcher's host name?

AEM-Dispatch1

this doesn't seem to be the host name. Can you share the URL with which you are rendering the Form in the browser through disptacher?

https://10.11.0.120/content/forms/af/generalformcs/generalform1.html

are you using custom submit action? please allow POST dispatcher/content/forms/af/generalformcs/generalform1/jcr:content/guideContainer/rootPanel/items/panel/items/summary.process.jsp in your dispacther configuration.

No, I don't use custom submit action only use dor with summary, how do I allow dispatcher/content/forms/af/generalformcs/generalform1/jcr:content/guideContainer/rootPanel/items/panel/items/summary.process.jsp in dispacther configuration?

Add a rule like this:

 /0002 { /type "allow" /method "POST" /url "/content/forms/af/generalformcs/generalform1/jcr:content/guideContainer/rootPanel/items/panel/items/summary.process.jsp" }     

and restart the Dispatcher. 

same issue:

csrf.js:263 POST https://10.11.0.120/content/forms/af/generalformcs/generalform1/jcr:content/guideContainer.af.dermis 403 (Forbidden)

csrf.js:263 POST https://10.11.0.120/content/forms/af/generalformcs/generalform1/jcr:content/guideContainer.af.submit... 403 (Forbidden)

you need me to add this line to rules or filter ?

Have you applied the latest 6.5.11 and corresponding Forms add-on package? 

Also, please flush dispatcher cache and check the issue again after applying 6.5.11.

still same issue

Please log a Support case for this issue, so that we can further look into this issue. Thanks!

I have already opened a ticket and waiting for a response