Adobe Experience Manager Sites & More

smahesh · 7/1/24

Hi All,

Please anyone cloud help me with the fix as i am not sure how to disable these methods on dispatcher.

Need to disable put,options,head,patch,delete and allow only post and get methods on dispatcher.

Regards,

Mahesh

arunpatidar · 7/1/24

Hi @smahesh
Please check examples : https://medium.com/@toimrank/aem-dispatcher-filter-section-a8c03a92c256

/filters
{

    # Allow other URLs as needed
    /0001 { /type "deny" /url "/*" } # Deny everything else by default

    /0002 { /type "allow" /method "GET" /url "/content/*" }
    #example of POST but specify further to only allow desire url with extensions
    /0003 { /type "allow" /method "POST" /url "/content/*" } 
}

Arun Patidar

View solution in original post

arunpatidar · 7/1/24

Hi @smahesh
Please check examples : https://medium.com/@toimrank/aem-dispatcher-filter-section-a8c03a92c256

/filters
{

    # Allow other URLs as needed
    /0001 { /type "deny" /url "/*" } # Deny everything else by default

    /0002 { /type "allow" /method "GET" /url "/content/*" }
    #example of POST but specify further to only allow desire url with extensions
    /0003 { /type "allow" /method "POST" /url "/content/*" } 
}

Arun Patidar

smahesh · 7/1/24

Thanks @arunpatidar , but how can I disable these methods from dispatcher headers ? Please let me know.

arunpatidar · 7/1/24

Hi @smahesh
I did not understood the logic of using dispatcher headers to disable certain Methods? Could you please elaborate.

You can disable above from filter section

https://experienceleague.adobe.com/en/docs/experience-manager-dispatcher/using/configuring/dispatche...

Arun Patidar

Jagadeesh_Prakash · 7/1/24

hi @smahesh

1. Open the dispatcher.any file in a text editor.
2. Navigate to the /filter section of the file.
3. Add deny rules for PUT, DELETE, and OPTIONS methods.
- For each method, set the type to "deny" and specify the method in the rule.
4. Ensure that there are no conflicting rules that might inadvertently allow these methods.
5. Save the dispatcher.any file.
6. Restart the Dispatcher for the changes to take effect.

/filters
{
/0001 { /type "deny" /method "PUT" }
/0002 { /type "deny" /method "DELETE" }
/0003 { /type "deny" /method "OPTIONS" }
/0004 { /type "allow" /method "GET" }
/0005 { /type "allow" /method "POST" }
}

EstebanBustamante · 7/2/24

Hi @smahesh

What @arunpatidar mentioned is the way to disable methods in the dispatcher. You "filter" which type of request (by method type) are allowed to pass through the dispatcher, so by setting the Rules Arun posted you are saying Denying all requests except those GET and POST requests to the "/content" path. The headers have nothing to do with these configurations, maybe you are trying to ask something different, if so, please clarify.

Hope this helps

Adobe Experience Manager Sites & More

How to disable http methods like put,delete,options on dispatcher in aem as cloud and allow only post and get

Arun Patidar

Arun Patidar

Arun Patidar

Esteban Bustamante

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe