Hi All,
I would like to refine the post method configuration on dispatcher filters. So ,the idea is to block all the post methods in my repository on adding the below condition.
//001 {/type "deny" /method "POST" /url "/content*"}
The above filter blocks the entire post methods present in my content content . So ,I need to allow only the required post methods present on my project.
//002 {type "allow" /method "POST" url "/content/[.]*.html"}
Adding on the above filter would be allowing the required post method with html selectors. So, whether the above //002 filter is sufficient to allow all the content paths with post servlet calls without any blockage
Kindly suggest on the above and your ideas on allowing the post calls
Thanks.
Solved! Go to Solution.
Views
Replies
Total Likes
yes, that should work.
Please see this
Example Filter: Enable POST Requests
The following example filter allows submitting form data by the POST method:
/filter { /0001 { /glob "*" /type "deny" } /0002 { /type "allow" /method "POST" /url "/content/[.]*.form.html" } }
Hi,
you can create your servlet with some selectors and allow only those selector requests to avoid other open post request url as well from your project. Though I am not sure about your use case.
yes, that should work.
Please see this
Example Filter: Enable POST Requests
The following example filter allows submitting form data by the POST method:
/filter { /0001 { /glob "*" /type "deny" } /0002 { /type "allow" /method "POST" /url "/content/[.]*.form.html" } }
Thanks suresh .
But my question is it would not be blocking the post method servlet calls other than form data.
Views
Replies
Total Likes
As mention by @arunpatidar , it is better to use selectors and enable it -
/0063 { /type "allow" /url "POST /content/[.]*.commerce.cart.json" } # allow POSTs to update the shopping cart
Views
Replies
Total Likes
Views
Likes
Replies