Hello Team,
I wanted to know the difference between these configurations.
Adobe Granite Cross-Origin Resource Sharing Policy, Apache Sling Referrer Filter
Thanks
Solved! Go to Solution.
Views
Replies
Total Likes
HI @Mahesh_Gunaje ,
This is to allow the trusted servers, AEM has a referrer filter that can be configured.
In config manager, we have a configuration called “Apache Sling Referrer Filter“. This has below configs
Adobe Granite Cross Origin Resource Sharing Policy:
Adobe Experience Manager’s Cross-Origin Resource Sharing (CORS) facilitates non-AEM web properties to make client-side calls to AEM, both authenticated and unauthenticated, to fetch content or directly interact with AEM.
In addition to these two, one can implement Cross origin request sharing by using JSONP calls/ manipulating Access-Control-Allow-Origin in request header.
AEM 6.3 has introduced Cross-Origin Resource sharing configuration that allows authenticated and unauthenticated client side calls. This has configuration for allowed methods (POST,GET,DELETE.etc.,)
Thanks
Tarun
HI @Mahesh_Gunaje ,
This is to allow the trusted servers, AEM has a referrer filter that can be configured.
In config manager, we have a configuration called “Apache Sling Referrer Filter“. This has below configs
Adobe Granite Cross Origin Resource Sharing Policy:
Adobe Experience Manager’s Cross-Origin Resource Sharing (CORS) facilitates non-AEM web properties to make client-side calls to AEM, both authenticated and unauthenticated, to fetch content or directly interact with AEM.
In addition to these two, one can implement Cross origin request sharing by using JSONP calls/ manipulating Access-Control-Allow-Origin in request header.
AEM 6.3 has introduced Cross-Origin Resource sharing configuration that allows authenticated and unauthenticated client side calls. This has configuration for allowed methods (POST,GET,DELETE.etc.,)
Thanks
Tarun
Hi @TarunKumar
I am bit confused.
Apache Sling Referrer Filter Configuration.
which http methods should be filtered: I can see POST, PUT, DELETE methods. So, what this does?
For example: Using Assets Http API, I have created API for GET, Post methods. So that www.restapp.com can consume my Post, GET calls to do some stuff.
So, I need to do below mentioned steps:
1: Go to Adobe Granite Cross-Origin Resource Sharing Policy configuration.
Mention: www.restapp.com under "Allowed Origins" section. Allowed methods: GET, POST.
Query is : Do I need to add any configuration for Apache Sling Referrer Filter??
Next time, I will allow www.angularapp.com to access my same GET, POST api. In this case, I need to add once more entry for Adobe Granite Cross-Origin Resource Sharing Policy configuration.
Whats the role of "Allow Hosts" under: Apache Sling Referrer Filter
Views
Replies
Total Likes
Hey @TarunKumar
One more query. Consider this scenario:
I have created ASSET http API. Its GET method only. Now, 3rd party Spring boot application will use my GET API from their java logic. Now, what minimum configuration, I need to do? I assume CORS setting is not required. Since, 3rd party application uses backend java logic to hit my API.
Views
Replies
Total Likes
Hi @TarunKumar
Created separate ticket: https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/minimum-configuration-requ...
Views
Replies
Total Likes