When AEM servlet APIs are being called AEM dispatcher returns 403 forbidden error without delegating the request to AEM server. But when I am making the calling by passing "user-agent" header in request . I am getting successful response. Without "user-agent" header dispatcher is not allowing the request. This is happening for all types of request "GET,POST,PUT, DELETE". I am suspecting due to some configuration in dispatcher request are getting invalidated. Can anyone help me with this issue?
Solved! Go to Solution.
Views
Replies
Total Likes
Hi,
Yes it is possibel that request are blocked from dispatcher to avoid bot. But before you investigate check with Adobe or whoever manages the httpd or dispatcher configuration.
Hi @raviranjan
Out of the box, AEM denies all server names or hosts to make HTTP request to the respective running AEM publish/author instance. During a HTTP request made to the AEM publish/author, AEM checks the Referrer header configuration. If the referrer configured to allow the host(s), then AEM will full-fill the request, and if not, the AEM “referrer not allowed” error message will be shown.
OSGi Config: org.apache.sling.security.impl.ReferrerFilter
So we need to enable the header in the dispatcher and pass it along with all request.
Thanks!
Referer filter configuration is properly configured. As in when I Bypass the dispatcher and hit the AEM server api url directly I get the 200 response successfully. But while hitting the url via dispatcher layer. I get this 403 as response until I pass user-agent as request header . Also the header is enabled in dispatcher as mentioned in the document.
Hi,
Yes it is possibel that request are blocked from dispatcher to avoid bot. But before you investigate check with Adobe or whoever manages the httpd or dispatcher configuration.
Thanks for the suggestion @arunpatidar
In order to fix this add the below lines in your virtual host file or rewrite.rules file
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
Views
Likes
Replies
Views
Likes
Replies