Expand my Community achievements bar.

Adobe Summit 2025: AEM Session Recordings Are Live! Missed a session or want to revisit your favorites? Watch the latest recordings now.
Watch Now!

etc.clientlibs giving 404, but we can't allow it in dispatcher

Avatar

Level 1
Level 1
4/17/25 9:14:10 AM

Hi All, 

 

 

etc.clientlibs is giving 404 in Dispatcher. We can not allow the path in dispatcher due to security reasons. can anyone recommend other alternatives to include OOTB css. 

 

We have our custom css in etc/designs in AEM 6.5. 

 

 

Thanks In Advance.

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

Experience Manager

Views

277

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
3 Replies

Avatar

Community Advisor
Community Advisor
4/17/25 10:40:27 AM

Hi @SushmaNa1 ,

 

The /etc.clientlibs/ is a proxy servlet that allows to get clientlibs located in the protected areas like /apps. In this case, cq:ClientLibraryFolder has to have allowProxy=true property. I would recommend to allow loading clientlibs through /etc.clientlibs.

 

Do you have clientlibrary defined under /etc/designs? Is this path allowed in your dispatcher configuration? If yes, please check for allowProxy property in the clientlibrary definition. If you don't want to load clientlibs via /etc.clientlibs/ and it's publicly accessible through the dispatcher, you need to set allowProxy=false.

 

Best regards,

Kostiantyn Diachenko.

 

 

 

 

Views

253

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
4/17/25 7:07:45 PM

@SushmaNa1 /etc.clientlibs/ is adobe recommended way of accessing clientlibs. Can you please explain what security issues you are facing if we allow it? Also please move any clientlibs from /etc/designs to /apps/ as per AEM 6.5 repo restructuring recommendation by Adobe.

Views

230

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
4/17/25 8:31:49 PM

Hi @SushmaNa1 

In order for the client libraries under /apps to be accessible, a proxy servelt is used. The ACLs are still enforced on the client library folder, but the servlet allows for the content to be read via /etc.clientlibs/ if the allowProxy property is set to true.

If you have a clientlib in /apps/myproject/clientlibs/foo, the allowProxy property lets you request the clientlib via /etc.clientlibs/myprojects/clientlibs/foo.js or foo.css

In your dispatcher filter configuration, you must have the below rule which will ensure the proxy path is allowed.

Please move all your custom designs from /etc/designs under /apps with your project specific folders.

# Enable clientlibs proxy servlet
/0012 { /type "allow" /method "GET" /url "/etc.clientlibs/*" }

With this there should not be any security concerns. If there are any other use case do let us know.

Views

224

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Issue in fetching property Solved

Views

61

Likes

0

Replies

1
Deleting the tag in AEM as cloud service Solved

Views

152

Likes

0

Replies

6
environment variable for token in yaml file

Views

112

Likes

0

Replies

5
Selective Content Fragment Copy via REST API in AEM as a Cloud Service

Views

81

Likes

0

Replies

3
language property in cq:Tag node in AEM as cloud service not updating

Views

87

Likes

0

Replies

2