Expand my Community achievements bar.

SOLVED

Dispatcher Filter Rules /glob vs /url

Avatar

Level 1
Level 1
3/25/19 7:44:49 AM

Hello Team,

This is related best practice for setting the dispatcher filters ,

Suppose we have following two rules,

0001 { /type "allow" /glob "/bin/*"    }  
0002 { /type "allow" /url "/bin/*"    }

What are the advantages and disadvantages of glob and url pattern in above case, which one is suggested ?

With both the rules is it possible to access URLs like , http://domain/bin/../libs/xyz/someresource or some other important resource in repo.

Views

2.7K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 10
Level 10
3/25/19 8:19:47 AM

As Configuring Dispatcher says, glob property is used to match with the entire request-line while url will just match with url element. Clearly, glob is more powerful that url.

Why would you want to abuse glob with just an element of the request? Per my knowledge, the recommended property is url in this case.

  • Element of the Request Line: Include /method, /url, /query, or /protocol and a pattern for filtering requests according to these specific parts of the request-line part of the HTTP request. Filtering on elements of the request line (rather than on the entire request line) is the preferred filter method.
  • glob Property: The /glob property is used to match with the entire request-line of the HTTP request.

View solution in original post

Views

2.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Level 10
Level 10
3/25/19 8:19:47 AM

As Configuring Dispatcher says, glob property is used to match with the entire request-line while url will just match with url element. Clearly, glob is more powerful that url.

Why would you want to abuse glob with just an element of the request? Per my knowledge, the recommended property is url in this case.

  • Element of the Request Line: Include /method, /url, /query, or /protocol and a pattern for filtering requests according to these specific parts of the request-line part of the HTTP request. Filtering on elements of the request line (rather than on the entire request line) is the preferred filter method.
  • glob Property: The /glob property is used to match with the entire request-line of the HTTP request.

Views

2.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply