Hi All,
I would to like to deny all the post methods by adding below filter
/0001 {type "deny" /method "POST" }
Then , I have 100+websites running in my AEM application,so how to allow the all configured mapped content paths(present in my application) by adding filter conditions.
Could you please suggest on this and let me know your thoughts .
Thanks in Advance.
@keerthi97 there is no magic bullet for this, since there are any number of ways the HTTP POST endpoints maybe have been defined in AEM.
In the best case, all your HTTP POST endpoints are bound with well-known Sling selectors -- so like, HTTP POST /content/site-1/page.my-custom-submisssion.json, where `my-custom-submission` is the identifying selector.
If you have a set of well-known selectors, you can allow POST whose URLs contain that Selector or Path pattern .. some examples are here [1]
If you have a mix of POST endpoints (resource-type based servlets, path-based servlets, script-based servlets, or even OOTB) then you'll have to go through them and figure out the best set of filters are for what your 100+ sites are using. Hopefully, you'll be able to identify some patterns that let you define allow a single rule per logical endpoint. Definitely think about using the /path configuration that allows patterns (regex) or matching on selectors if you can.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.