Blacklist and whitelist filters | Community
Skip to main content
JakeCham
JakeCham
Level 6
September 30, 2020
Solved

Blacklist and whitelist filters

  • September 30, 2020
  • 3 replies
  • 2682 views

Hi , 

from where in AEM i can check Blacklist and whitelist filter setting configurations?

I have checked "AEM web console Sling Health check" and /system/console/configMgr/com.adobe.cq.deserfw.impl.DeserializationFirewallImpl.But i was unable to find desired results in there.

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by Umesh_Thakur

I think the settings you are looking for that does not comes by default with general server installation, so you are not able to find it in the configMgr.

Please click on the below links to get some info on it.

https://docs.adobe.com/content/help/en/experience-manager-65/administering/security/mitigating-serialization-issues.html

hope this will help.

Regards

Umesh Thakur

3 replies

Jineet_Vora
Community Advisor and Adobe Champion
Jineet_VoraCommunity Advisor and Adobe Champion
Community Advisor and Adobe Champion
September 30, 2020

Hi @jakecham,

Not clear on your question but I think may be you're looking for 'Apache Sling Referrer Filter'


Jineet

    joerghoh
    Adobe Employee
    joerghohAdobe Employee
    Adobe Employee
    September 30, 2020

    What settings are you looking for? There are a few settings which I would qualify as allow or deny lists.

      JakeCham
      JakeChamAuthor
      Level 6
      October 2, 2020
      i have got vulnerability issue report from one of my client.in there he has provided some links to verify that those links have been blocked properly in black list and white list configurations. i got this project in halfway through so i am looking from where it has been blocked
      Umesh_Thakur
      Community Advisor
      Umesh_ThakurCommunity AdvisorAccepted solution
      Community Advisor
      October 5, 2020

      I think the settings you are looking for that does not comes by default with general server installation, so you are not able to find it in the configMgr.

      Please click on the below links to get some info on it.

      https://docs.adobe.com/content/help/en/experience-manager-65/administering/security/mitigating-serialization-issues.html

      hope this will help.

      Regards

      Umesh Thakur

        Terms & ConditionsAccessibility statement

        Loading footer...