Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!
SOLVED

Dispatcher rules to block secured paths

Avatar

Level 1
Level 1
6/18/23 8:30:56 PM

Hi,

 

We are using AMS 6.5 SP15. The following paths are being exposed and json responses are rendered from the dispatcher. 

 

content paths:

===========

/content/.2.json;%0Aa.png/.json

/content/projectfolder/.5.json;%0Aa.png/.json

/content/.2.json;%0Aa.png/.json

/content/proj/us/en/b-content/page-billing/jcr:content/root/container/container/authcontainer/testcomponent-copy-par-c/par_1.100.json;%0AXLA.ico/a.html

 

dam paths:

========

/content/dam/proj-assets/en-us/brandname/images.1.json;%0Aa.png/.png

/content/dam/test-library/en-us/fol1/folder2/.children.json;%0AXLA.ico/a.html

/content/dam/test-library/en-us/fol1/folder2/pdf/test1.pdf/.children.json

 

Can you suggest some generic filter rules to block these paths in the dispatcher filter rules?

 

Thanks in Advance.

 

Regards,

S

 

Views

969

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
6/18/23 8:56:49 PM

Hi @srinivasanp3053 ,

you can use the following rules :

 

For blocking content paths:

/0001 { /type "deny" /glob "/content/*.json" }
/0002 { /type "deny" /glob "/content/**/*.json" }

 

For blocking DAM paths:

 

/0003 { /type "deny" /glob "/content/dam/*.json" }
/0004 { /type "deny" /glob "/content/dam/**/*.json" }

 

 

View solution in original post

Views

956

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Correct answer by
Community Advisor
Community Advisor
6/18/23 8:56:49 PM

Hi @srinivasanp3053 ,

you can use the following rules :

 

For blocking content paths:

/0001 { /type "deny" /glob "/content/*.json" }
/0002 { /type "deny" /glob "/content/**/*.json" }

 

For blocking DAM paths:

 

/0003 { /type "deny" /glob "/content/dam/*.json" }
/0004 { /type "deny" /glob "/content/dam/**/*.json" }

 

 

Views

957

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Community Advisor
Community Advisor
6/18/23 9:35:13 PM

@srinivasanp3053 

 

You might want to revisit the existing rules as well

Ideally, on publish instances you should start with Deny access to all content

/0001 { /type "deny"  /url "*" }

Next,  we should not enable the json paths that are required. Example

/0251 { /type "allow" /selectors "model" /extension "json" /path "/content/abc/*" }

 

It would help, if you could provide more details:

1. Are these json available across all content, and you want to avoid for all. If yes, please have a look at the configs shared above.

 

2. Is it only the secured content, where you want to avoid json. How are these restricted?

Aanchal Sikka

Views

945

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
6/18/23 10:59:30 PM

You can use advanced Dispatcher filter rules to block paths with the help of path, selectors, extensions etc.

Example 

/006 {
        /type "deny"
        /path "/content/*"
        /extension '(json|xml|feed))'
        }

 

Views

936

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Pipeline-free URL Redirects is not working in AEM Cloud Dispatcher

Views

0

Likes

0

Replies

0
[AEM6.5]Add custom JS functionality to OOB ACS Commons Notification.

Views

27

Likes

0

Replies

2
Not able to add external URL in Content Fragment New Editor

Views

55

Likes

0

Replies

1
AEM Performance issue due to testandtarget/clientlibs/testandtarget/

Views

56

Likes

0

Replies

1
Authenticated (MS Entra ) Backend api to AEMasCS

Views

54

Likes

0

Replies

0