SOLVED

Dispatcher rules to block secured paths


Level 1

Hi,

 

We are using AMS 6.5 SP15. The following paths are being exposed and json responses are rendered from the dispatcher. 

 

content paths:

===========

/content/.2.json;%0Aa.png/.json

/content/projectfolder/.5.json;%0Aa.png/.json

/content/.2.json;%0Aa.png/.json

/content/proj/us/en/b-content/page-billing/jcr:content/root/container/container/authcontainer/testcomponent-copy-par-c/par_1.100.json;%0AXLA.ico/a.html

 

dam paths:

========

/content/dam/proj-assets/en-us/brandname/images.1.json;%0Aa.png/.png

/content/dam/test-library/en-us/fol1/folder2/.children.json;%0AXLA.ico/a.html

/content/dam/test-library/en-us/fol1/folder2/pdf/test1.pdf/.children.json

 

Can you suggest some generic filter rules to block these paths in the dispatcher filter rules?

 

Thanks in Advance.

 

Regards,

S

 

1 Accepted Solution


Correct answer by
Community Advisor

Hi @srinivasanp3053,

You can use the following rules:

 

For blocking content paths:

/0001 { /type "deny" /glob "/content/*.json" }
/0002 { /type "deny" /glob "/content/**/*.json" }

 

For blocking DAM paths:

 

/0003 { /type "deny" /glob "/content/dam/*.json" }
/0004 { /type "deny" /glob "/content/dam/**/*.json" }

 

 


3 Replies


Community Advisor

@srinivasanp3053 

 

You might want to revisit the existing rules as well.

Ideally, on publish instances you should start with Deny access to all content:

/0001 { /type "deny" /url "*" }

Next, we should not enable the json paths that are required. Example:

/0251 { /type "allow" /selectors "model" /extension "json" /path "/content/abc/*" }

 

It would help if you could provide more details:

1. Are these json available across all content, and do you want to avoid them for all? If yes, please have a look at the configs shared above.

 

2. Is it only the secured content where you want to avoid json? How are these restricted?


Aanchal Sikka


Level 2

You can use advanced Dispatcher filter rules to block paths with the help of path, selectors, extensions etc.

Example:

/006 {
        /type "deny"
        /path "/content/*"
        /extension '(json|xml|feed)'
        }
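
A regression check for whichever of the rules above you deploy, as an added example that is not from any poster in this thread: it requests a subset of the paths reported in the question through your own dispatcher and lists those that still return JSON. The function names, the User-Agent string and the choice to treat "HTTP 200 with a JSON object or array body" as exposed are assumptions of this sketch; the base URL is supplied by you.

```python
import json
import sys
import urllib.error
import urllib.request

# Request paths copied from the question above; they exist only on that poster's site.
REPORTED_PATHS = [
    "/content/.2.json;%0Aa.png/.json",
    "/content/projectfolder/.5.json;%0Aa.png/.json",
    "/content/dam/proj-assets/en-us/brandname/images.1.json;%0Aa.png/.png",
    "/content/dam/test-library/en-us/fol1/folder2/.children.json;%0AXLA.ico/a.html",
    "/content/dam/test-library/en-us/fol1/folder2/pdf/test1.pdf/.children.json",
]


def http_get(url, timeout=10):
    """GET url and return (status, body); connection failures still raise URLError."""
    req = urllib.request.Request(url, headers={"User-Agent": "filter-regression-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:  # a 403/404 from a deny rule lands here
        return err.code, b""


def is_json(body):
    """True when the body parses as a JSON object or array, whatever Content-Type says."""
    try:
        return isinstance(json.loads(body), (dict, list))
    except ValueError:
        return False


def find_exposed(base_url, paths=REPORTED_PATHS, fetch=http_get):
    """Return the paths that still answer 200 with JSON through the dispatcher."""
    exposed = []
    for path in paths:
        status, body = fetch(base_url.rstrip("/") + path)
        if status == 200 and is_json(body):
            exposed.append(path)
    return exposed


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: check_filters.py <dispatcher base URL>")
    leaks = find_exposed(sys.argv[1])
    print("\n".join(leaks) or "all reported paths are blocked")
    sys.exit(1 if leaks else 0)
```

Run it before and after each filter change; a non-zero exit status means at least one of the listed paths is still served.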