Expand my Community achievements bar.

Get ready! An upgraded Experience League Community experience is coming in January.
Learn more

Numerical Selector for Json request is getting 404 Error from Dispatcher Filters

Avatar

Level 1
Level 1
12/17/25 11:41:39 PM

Hi,

 

I have an issue where I have a filter in dispatcher 

/0081 { /type "deny" /selectors '(feed|rss|pages|languages|blueprint|infinity|tidy|sysview|docview|query|[0-9-]+|jcr:content)' /extension '(json|xml|html|feed)' }

which is blocking request for numerical selectors with json and HTML extension. But for HTML I have added a filter by allowing after 81. 

/0082 { /type "allow" /selectors '([0-9-]+)' /extension '(html|json)' }

This is working for HTML but not for JSON. I still see 404 error. But this is working in dispatcher, So no issue with the code. Issue I see is from dispatcher.

Any possible approach or solutions that needs to be followed ?

Views

380

Replies

4
Sign in to like this content

Total Likes

Translate
Translate
4 Replies

Avatar

Level 10
Level 10
12/18/25 1:04:12 AM

hi @Saiteja_PS

Following the official Adobe best practices, the correct approach is to implement the "Deny All Then Allow" strategy with clear priority ordering.

/filter {

# Rule 001: DENY ALL - Security baseline
/0001 { /type "deny" /url "*" }

# Rule 082: ALLOW - Requests with numerical selectors and permitted extensions
/0082 { 
  /type "allow" 
  /selectors '([0-9-]+)' 
  /extension '(html|json)' 
}
}

 

  • Rule /0001 as Defensive Base: By eliminating the complex rule 0081, you start with a deny everything (/url "*"). This is the official Adobe best practice that provides a security baseline for everything. There's no need to list all the patterns you want to block (feed|rss|pages|etc) - you simply deny everything by default.
  • 2. Rule /0082 in Priority: By positioning the allow rule /0082 after, you intercept your numerical selectors with HTML and JSON before they get blocked by the general deny rule.

Views

356

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 1
Level 1
12/18/25 1:38:04 AM
In response to giuseppebaglio

Hi @giuseppebaglio  thanks for the response. I have tried with the same approach. first filter is already present and i have added json in the filter 82. But still I see blocked in the dispatcher logs. HTML is working fine. But it is failing for JSON.

Views

344

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 10
Level 10
12/19/25 8:43:56 AM
In response to Saiteja_PS

Try enabling trace logging to see what's happening from rules perspectives: https://experienceleague.adobe.com/en/docs/experience-manager-dispatcher/using/configuring/dispatche... 

Views

298

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 3
Level 3
12/20/25 5:48:53 AM

@Saiteja_PS - 

Since the deny-all baseline and /0082 are already configured and HTML requests are working, this issue likely relates to how Dispatcher is matching the JSON request.

Please check whether the request includes any additional selectors or a suffix that might be matching another filter or glob rule before /0082.

Enabling Dispatcher trace logging should clearly show which rule is blocking the request.

As a next step, we can either move /0082 above the relevant deny rule or refine the deny pattern to exclude numeric selectors for JSON. This typically resolves the 404 while keeping the existing filters intact.

Views

280

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
ACS Commons TTL is not generated when the URL has query parameter Solved

Views

931

Likes

0

Replies

3
Dispatcher Redirect rules for landing the safe page.

Views

110

Likes

0

Replies

1
Hide taxonomy for Admin users

Views

153

Likes

0

Replies

3
Export XLIFF or XML from translation projects in Adobe Experience Manager

Views

192

Likes

0

Replies

0
Permission for Pages and Components

Views

204

Likes

0

Replies

2