Hello,
We have an apple-app-site-association file located in /.well-known/apple-app-site-association which is being downloaded when requested thru a browser. We would like the file to be displayed as json output instead. Examining the headers shows the following:
Content-Disposition: attachment; filename="apple-app-site-association"
Content-Type: application/octet-stream
I assume that the Content-Type needs to be application/json or something other than octed-stream to prevent the file from downloading. Is it possible to configure this somehow? I have already tried setting a format in CRX as well as adding an exclusion to the Content Disposition Filter with no success. Any help would be appreciated.
Thank you
Solved! Go to Solution.
Views
Replies
Total Likes
What's the extension of your apple-app-site-association file?
I created a sample json file, uploaded it under Assets in AEM. I tried to render it, but it was getting downloaded.
So, I unchecked Enable For All Resource Paths in /system/console/org.apache.sling.security.impl.ContentDispositionFilter and saved it.
Then, I tried to render the same file, and now, it got rendered correctly.
I tried that in Incognito Window in Mozilla Firefox, with Disable Cache checkbox checked under Developer Tools' Network tab.
Octect Stream is blacklisted in DAM Safe Binary Filter(/system/console/com.day.cq.dam.core.impl.servlet.DamContentDispositionFilter).
Try removing it from there, save it, and verify whether you are able to render the octet-stream file in the browser. However, it was blacklisted due to security reasons[1]. You can either remove this from the DAM Safe Binary Filter, or change your file extension to .json(and a valid json), whichever works for you.
Hope it works.
[1] Content disposition filter is a security feature against XSS attacks on SVG files. https://helpx.adobe.com/experience-manager/6-4/sites/administering/using/content-disposition-filter....
What's the extension of your apple-app-site-association file?
I created a sample json file, uploaded it under Assets in AEM. I tried to render it, but it was getting downloaded.
So, I unchecked Enable For All Resource Paths in /system/console/org.apache.sling.security.impl.ContentDispositionFilter and saved it.
Then, I tried to render the same file, and now, it got rendered correctly.
I tried that in Incognito Window in Mozilla Firefox, with Disable Cache checkbox checked under Developer Tools' Network tab.
Octect Stream is blacklisted in DAM Safe Binary Filter(/system/console/com.day.cq.dam.core.impl.servlet.DamContentDispositionFilter).
Try removing it from there, save it, and verify whether you are able to render the octet-stream file in the browser. However, it was blacklisted due to security reasons[1]. You can either remove this from the DAM Safe Binary Filter, or change your file extension to .json(and a valid json), whichever works for you.
Hope it works.
[1] Content disposition filter is a security feature against XSS attacks on SVG files. https://helpx.adobe.com/experience-manager/6-4/sites/administering/using/content-disposition-filter....
Thank you so much for the reply! The file does not have an extension. The file does render correctly when I completely disable the filter. Do you happen to know how to configure the filter for one specific path? I have tried numerous different configurations with exclude and include and the only thing that seems to work is unchecking the box to completely disable.
Views
Replies
Total Likes
Views
Replies
Total Likes
Views
Replies
Total Likes
Hi @thomasf35641124 ,
We have a similar requirement. We are on first stage of it.
We have a apple-app-site-association file and need to place in AEM Server which is accessible at https://<fully qualified domain>/.well-known/apple-app-site-association.
Do you know where we can place this file in AEM?
Views
Replies
Total Likes
@iamnjain Are you able to fix this? If yes, could you please update where you have placed that?
Views
Replies
Total Likes
Views
Likes
Replies
Views
Likes
Replies
Views
Likes
Replies