Adobe Experience Manager Sites & More

nbg62 · 10/24/22

hi,

just for a test we would like to enable querybuilder on cloud sandbox publishing instance.

We tried changing filters.any

Added 2 rules

$include "./default_filters.any"

/0100 { /type "allow" /path "*/bin/querybuilder*" /selectors "*" /extension "*" }

# allow non-public content directories if this isn't a production environment by uncommenting the next few lines
/0304 { /type "allow" /url "/apps/*" }
/0305 { /type "allow" /url "/bin/*" }

but no rule is allowing us to access /bin/querybuilder.json on publishing instance, we get "not found"

Thanks

nbg62 · 10/25/22

This is resolved by running proper pipeline (with unchecked Ignore Web Tier Configuration).

Rules that were used (I guess only 0100 would be enough)

/0100 { /type "allow" /url "/bin/querybuilder.json"}

/0304 { /type "allow" /url "/apps/*" }
/0305 { /type "allow" /url "/bin/*" }

View solution in original post

Ravi_Pampana · 10/24/22

Hi,

Are you trying to access from dispatcher or publisher instance ? Try checking directly from publish instance with ip and also check whether /bin is added under below configuration

Apache Sling Servlet/Script Resolver and Error Handler

nbg62 · 10/25/22

hi,

I'm trying to access on publisher instance.

I'll check Apache Sling Servlet/Script Resolver and Error Handler

nbg62 · 10/25/22

Checked config on publishing, looks good.

This id from dispatcher log:
"GET /bin/querybuilder.json" -0ms [publishfarm/-] [actionblocked]

Getting Fastly error when trying using IP.

Is there any way to enable debug log on dispatcher ?

Config:
scriptServiceUserMapped.target: "(|(subServiceName=scripts)(!(subServiceName=*)))"
servletContext.target: "(name=org.apache.sling)"
servletresolver.cacheSize: 1000
servletresolver.defaultExtensions:
- "html"
servletresolver.mountProviders: false
servletresolver.paths:
- "/bin/"
- "/libs/"
- "/apps/"
- "/system/"
- "/index.servlet"
- "/login.servlet"
- "/services/"
- "/etc/commerce/searchpromote/feed/deleted.servlet"
- "/graphql/"
servletresolver.servletRoot: -1

Lokesh_Vajrala · 10/25/22

Yes, you can enable the debug logging for dispatcher. Change the value of the DISP_LOG_LEVEL to Debug in global.vars file located under conf.d/variables and run the deployment.

Define DISP_LOG_LEVEL Debug

Lokesh_Vajrala · 10/24/22

Default dispatcher files should not be edited in Cloud Service, and default_filters.any is one of them. Instead, you can add those rules to the filters.any file and test the querybuilder in non-production instances.

In case you've not noticed, there is a text block like the one below mentioned in the default filters.any file at the top of it.

#
# This is the default filter ACL specifying what requests are handled by the dispatcher.
#
# DO NOT EDIT this file, your changes will have no impact on your deployment.
#
# Instead modify filters.any.
#

But the comment mentioned in the default_filters.any for allowing /bin and /apps for non-production instances is confusing. At least, it should say, "add these rules in the filters.any file to allow non-public content directories if this isn't a production environment".

# allow non-public content directories if this isn't a production environment by uncommenting the next few lines
# /004 { /type "allow" /url "/apps/*"   }  # allow apps access
# /005 { /type "allow" /url "/bin/*"    }  # allow bin path access

nbg62 · 10/25/22

Well, I stated that I updated filters.any

nbg62 · 10/25/22

This is resolved by running proper pipeline (with unchecked Ignore Web Tier Configuration).

Rules that were used (I guess only 0100 would be enough)

/0100 { /type "allow" /url "/bin/querybuilder.json"}

/0304 { /type "allow" /url "/apps/*" }
/0305 { /type "allow" /url "/bin/*" }

Adobe Experience Manager Sites & More

Enable /bin/querybuilder on Publishing instance

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe