childrenlist sending successful response

Avatar

Avatar

chintan97patel

Avatar

chintan97patel

chintan97patel

14-07-2020

I am facing issues for some of the URLs which have 'childrenlist' as a keyword in the URL. For example, if I try accessing https://www.example.com/sdfsdf.childrenlist.html URL, it shows as below for the request. However, there are no such pages available for such request.Screen Shot 2020-07-14 at 2.16.58 PM.png

 

I have some rules set in dispatcher to redirect to 404 page when a page is not available. Some other pages like https://www.example.com/childrenlist.sdfsdf.html is working fine and getting redirected to 404 page. Is it a known issue in AEM? Additionally https://www.example.com/sdfsdf.sdfsdf.childrenlist.html shows 404 page but https://www.example.com/sdfsdf.childrenlist.sdfsdf.html will render same page with 'sdfsdf.childrenlist.sdfsdf.html' URL as shown in the above image. If AEM uses 'childrenlist' for backend processes and it is reserved keyword then can I stop requests coming from dispatcher and redirect to 404 or can it cause any issues? Also, if yes, which are the other keywords that should be taken care of?

Adobe Experience Manager

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

Nupur_Jain

MVP

Avatar

Nupur_Jain

MVP

Nupur_Jain
MVP

17-07-2020

Hi @chintan97patel 

 

There is a servlet registered on selector "childrenlist"  by WCM Core bundle. This servlet is only called if the path is called with childrenlist as the first selector thats why yours calls like https://www.example.com/sdfsdf.childrenlist.html, https://www.example.com/sdfsdf.childrenlist.sdfsdf.html are giving response and others are throwing 404.

 

To check this yourself, you can access http://localhost:4502/system/console/servletresolver and add the url to want to check to, the console will tell you which script/servlet will be called to resolve the request in the candidates section

 

like

Screenshot from 2020-07-17 17-38-12.png

 

We can not get the list of all selectors we want to disallow from servlet but a right approach to handle such cases is to first disallow all selectors from dispatcher filter and then allow only project specific selectors like:

 

# Deny content grabbing for /content and its subtree
/0031 { /type "deny" /path "/content/*" /selectors '(.*)' /extension '(json|xml|html)' }

 

# Allow known selectors for /content and its subtree
/0032 { /type "allow" /path "/content/*" /selectors '(nocache|external|internal|footer|media)' /extension '(json|html)' }

 

Hope it helps!

Thanks!

Nupur

Answers (0)