Level 3

Dispatcher Filter Rule - Issue with Extension

Forum|Forum|2 years ago
December 13, 2023
3 replies
1699 views

I am working on updating our dispatcher filter rules and am having issues allowing static JS/CSS files located under /etc/clientlibs.

In our previous dispatcher rules, we used this:
/0001 { /type "deny" /glob "*" }
...
/1011 { /type "allow" /glob "* /etc/clientlibs/*" }

In the updated version, I am using this instead (taken from AMS Dispatcher Docker and AEM Archetype code):
/0001 { /type "deny" /url "*" }
...
/1011 { /type "allow" /method "GET" /path "/etc/clientlibs/*" /extension '(css|eot|gif|ico|jpeg|jpg|js|png|svg|swf|ttf|woff|woff2)' }

When tailing the dispatcher log, JS/CSS files seem to be getting blocked on the first rule:
Filter rule entry /0001 blocked 'GET /etc/clientlibs/jquery/3.6.0/js/scripts.js HTTP/1.1'
Filter rule entry /0001 blocked 'GET /etc/clientlibs/bootstrap/4.6.1/css/styles.css HTTP/1.1'

An easy solution would just be to open all of clientlibs, like so, but I was hoping to narrow down by extension.
/1011 { /type "allow" /method "GET" /url "/etc/clientlibs/*" }

I am running Dispatcher 4.3.2 if that helps.

Thanks in advance!

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

H

himanshu

Adobe Employee

Are you serving the clientlibs using the proxy servlet? If yes, in that case you need to add clientlibs as an allowed extension. Something like below.

/allow-extensions { /type "allow" /extension '(clientlibs|gif|ico|js|png|swf|jpe?g|woff2?)' }

If that's not the case, make sure that there is no deny rule after your allow rule. One more thing you can try is to remove the * from your path.

So to make it look like below.

/1011 { /type "allow" /method "GET" /path "/etc/clientlibs/" /extension '(css|eot|gif|ico|jpeg|jpg|js|png|svg|swf|ttf|woff|woff2)' }

You can also use the debugger to understand why the requests are being blocked.

https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/implementing/content-delivery/validation-debug.html?lang=en#debugging-apache-and-dispatcher-configuration

G

Gunars_VAuthor

Level 3

Hi thank you for the reply. I am not using the proxy in this case. I have tried removing the "*" and "/*" and neither have worked.

Sudheer_Sundalam

Community Advisor

@gunars_v ,

The rule /1011 { /type "allow" /method "GET" /path "/etc/clientlibs/*" /extension '(css|eot|gif|ico|jpeg|jpg|js|png|svg|swf|ttf|woff|woff2)' } is perfect for allowing files serving from /etc/clientlibs and ending with those extensions. What I am guessing happening in your case is duplicate /0001 { /type "deny" /url "*" } in two different filter files.

If you have and including "ams_publish_filters.any" in your filter section and also yourcompany_publish_filters.any, then make sure you are not repeating the same filter rules in both the files.

The best way I think is to include "$include "*ams_publish_filters.any"" as the 1st line in your project publish_filter.any and add all the project specific filters following that.

G

Gunars_VAuthor

Level 3

Hi @sudheer_sundalam thanks for the reply. I have confirmed that there are no other deny rules and I am only using a single publisher.any file. Is there any other reason that /extension would not work? I removed that from the rule and it works fine. So strange...

kautuk_sahni

Community Manager

@gunars_v Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.

Kautuk Sahni

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded