Hello everyone,
First all thanks for your time reading my post.
I'm having some issues after upgrade AEM 6.5 from SP4 to SP6.( this same issue happened with SP5 and I had to make a rollback and try luck with the SP6 ) , every time that I try to edit or save new content using any component dialog for Touch UI I'm seeing the following exception error in logs ( no errors on console, only in crx/de logs) and no content in JCR is updated. Seems that all the components on my site are not longer able to found the correct path that stores the dialog information on the JCR. But before of the upgrade everything was working correctly for classic and touch ui.
I would like to know if is a typical issue after upgrade, or if someone has any recommendation to fix it:
*ERROR* [186.155.xxx.xx [1602798597740] GET /editor.html/content/comm/bridtest/en-us/.infinity.json HTTP/1.1] libs.cq.gui.components.renderconditions.canmodify.canmodify$jsp Unable to retrieve allowed user actions
javax.jcr.RepositoryException: Invalid name or path: /content/comm/bridtest/en-us//jcr:content
at org.apache.jackrabbit.oak.jcr.session.SessionContext.getOakPathOrThrow(SessionContext.java:384) [org.apache.jackrabbit.oak-jcr:1.22.4]
at org.apache.jackrabbit.oak.jcr.session.SessionImpl.getOakPathOrThrow(SessionImpl.java:150) [org.apache.jackrabbit.oak-jcr:1.22.4]
at org.apache.jackrabbit.oak.jcr.session.SessionImpl.access$100(SessionImpl.java:82) [org.apache.jackrabbit.oak-jcr:1.22.4]
at org.apache.jackrabbit.oak.jcr.session.SessionImpl$1.performNullable(SessionImpl.java:186) [org.apache.jackrabbit.oak-jcr:1.22.4]
at org.apache.jackrabbit.oak.jcr.session.SessionImpl$1.performNullable(SessionImpl.java:182) [org.apache.jackrabbit.oak-jcr:1.22.4]
at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.performNullable(SessionDelegate.java:242) [org.apache.jackrabbit.oak-jcr:1.22.4]
at org.apache.jackrabbit.oak.jcr.session.SessionImpl.getNodeOrNull(SessionImpl.java:182) [org.apache.jackrabbit.oak-jcr:1.22.4]
Solved! Go to Solution.
Views
Replies
Total Likes
Reply from @rafaelparra
It is already solved. If you have some /apps/cq/xssprotection or any folder that contains protection rules to prevent injection of malicious code using dialogs on AEM you need to disabled. Those custom scripts could be incompatible with SP6 and on my particular case were blocking JCR node updating using Touch UI dialogs.
Views
Replies
Total Likes
Reply from @rafaelparra
It is already solved. If you have some /apps/cq/xssprotection or any folder that contains protection rules to prevent injection of malicious code using dialogs on AEM you need to disabled. Those custom scripts could be incompatible with SP6 and on my particular case were blocking JCR node updating using Touch UI dialogs.
we have the same issue, we put some configuration in xssprotection config. It is doing its work, however we cannot edit and save changes in component authoring.
I do see the following error in error.log
16.06.2021 18:05:02.570 *ERROR* [[0:0:0:0:0:0:0:1] [1623881102361] GET /editor.html/content/our-site/en-us/aem-test/.infinity.json HTTP/1.1] libs.cq.gui.components.renderconditions.canmodify.canmodify$jsp Unable to retrieve allowed user actions
Views
Replies
Total Likes
Views
Replies
Total Likes
@rafaelparraI do see that following line is causing the issue.
<regexp name="expressionURL" value="(\$\{(\w)+\})"/>
when this line is added to xssprotection config we see none of the component is editable and we see the issue as you were seeing
Views
Replies
Total Likes