Expand my Community achievements bar.

Allow AEM Servlet only from allowed domains

Avatar

Level 2

We have a requirement where we want to allow the Post Servlets only from certain domains. Our site is public so no user does not need to be authenticated, hence we are not able to control through CUG or using csrf-token. Is it possible to do something with Akamai or dispatcher where we block requests from other domain for a specific path. Also please keep in mind the the requests should not be hacked through Post man.

2 Replies