Adobe Experience Manager Sites & More

sbg19 · 12/30/20

I have a servlet exposed through a path param

@SlingServlet(paths = { "/exampleservlet" }, methods = {"GET"})

when I try to make a fetch call(GET) from my React Js front end layer hosted on node server, AEM is not allowing me to reach the servlet and I get a CORS policy exception in my browser console.

Any kind of assistance or suggestions would be appreciated.

Thank you.

Kunal_Gaba_ · 12/30/20

Yes the request to servlet will be blocked as it is originated from an external application with a different domain. To make this work you will have to register the domain of the external application in AEM CORS OSGI configuration and bind it to the servlet path. Once you configure CORS then AEM will send appropriate response headers to the browser and the browser will be allowed to make the request.

Also, you will have to enable caching of headers in dispatcher if you are caching the response of the servlet in the dispatcher.

For more details please see these URLs-

https://experienceleague.adobe.com/docs/experience-manager-learn/foundation/security/understand-cros...

https://experienceleague.adobe.com/docs/experience-manager-learn/foundation/security/develop-for-cro...

View solution in original post

Kunal_Gaba_ · 12/30/20

Yes the request to servlet will be blocked as it is originated from an external application with a different domain. To make this work you will have to register the domain of the external application in AEM CORS OSGI configuration and bind it to the servlet path. Once you configure CORS then AEM will send appropriate response headers to the browser and the browser will be allowed to make the request.

Also, you will have to enable caching of headers in dispatcher if you are caching the response of the servlet in the dispatcher.

For more details please see these URLs-

https://experienceleague.adobe.com/docs/experience-manager-learn/foundation/security/understand-cros...

https://experienceleague.adobe.com/docs/experience-manager-learn/foundation/security/develop-for-cro...

sbg19 · 12/30/20

But from what I know we don't have that config(adding CORS policy) in configMgr as part of AEM 6.2. does this mean that its not possible to reach my Servlet from the node server?

shelly-goel · 1/2/21

@sbg19

For older versions of AEM, you can either user jsonp response or set the CORS header in the servlet. You can find the details in below link and compare which one works or you.

https://www.albinsblog.com/2018/08/how-to-enable-cross-origin-resource-sharing-support-in-aem.html

shelly-goel · 1/5/21

@sbg19 Not sure if you might have missed this, did you try out the options available in the link shared?

BrianKasingli · 1/3/21

@sbg19 during development, you would need to configure the Apache Sling Referrer Filter and Configure Adobe Granite CSRF Filter; you can review an example video of how to set it up here, https://sourcedcode.com/blog/aem/how-to-make-simple-http-post-methods-in-aem-with-a-http-rest-client

sbg19 · 1/4/21

Thanks for the Response! However surprisingly there is no filter configured for GET call, which means that the GET calls should reach the servlet which is not happening. Not sure as to why.

Adobe Experience Manager Sites & More

How to call a servlet which is deployed inside AEM 6.2 from an application hosted on node server?

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe