Expand my Community achievements bar.

SOLVED

Post method with html extensions

Avatar

Level 4
Level 4
2/16/21 2:36:49 AM

Hi All,

I need to block my post configuration on aem dispatcher first and allow only required selectors with extensions on the dispatcher filters.

So, could you please suggest on the way or whether the below filter will allow the post method with html extensions for configuring into the dispatcher.

 

//001 { /type "allow" /method "POST" /url "/content/[.]*.html}

Thanks in advance.

 

 

Views

1.1K

Replies

5
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 4
Level 4
2/16/21 3:40:49 AM

Hi @Keerthi97 ,

 

if you use the below 1st rule in your filters. any file

/0001 { /type "deny"  /url "*" }

It will deny everything for you including Get and Post [comes as the best practices]

 

and after that, you can allow POST requests.

 

Here are few examples to allow the post method with html & json extension

## allow POSTs to form selectors under content

/0002 { /type "allow" /method "POST" /url "/content/[.]*.form.html" }

 

## allow POSTs to update the shopping cart

/0003 { /type "allow" /method "POST" /path "/content/[.]*.commerce.cart.json" } 

 

 

/filter {
   /0001 { /type "deny"  /url "*" }
   /0002 { /type "allow" /method "POST" /url "/content/[.]*.form.html" } 
   /0003 { /type "allow" /method "POST" /path "/content/[.]*.commerce.cart.json" } 
}

 

 

View solution in original post

Views

1.0K

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
5 Replies

Avatar

Correct answer by
Level 4
Level 4
2/16/21 3:40:49 AM

Hi @Keerthi97 ,

 

if you use the below 1st rule in your filters. any file

/0001 { /type "deny"  /url "*" }

It will deny everything for you including Get and Post [comes as the best practices]

 

and after that, you can allow POST requests.

 

Here are few examples to allow the post method with html & json extension

## allow POSTs to form selectors under content

/0002 { /type "allow" /method "POST" /url "/content/[.]*.form.html" }

 

## allow POSTs to update the shopping cart

/0003 { /type "allow" /method "POST" /path "/content/[.]*.commerce.cart.json" } 

 

 

/filter {
   /0001 { /type "deny"  /url "*" }
   /0002 { /type "allow" /method "POST" /url "/content/[.]*.form.html" } 
   /0003 { /type "allow" /method "POST" /path "/content/[.]*.commerce.cart.json" } 
}

 

 

Views

1.0K

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 4
Level 4
2/16/21 3:47:54 AM
In response to Sanket_Kumbharkhane

Hi @Sanket_Kumbharkhane ,

In the case of allowing post method with html extensions ,whether it is possible to give filter condition as mentioned in my question.

Views

1.0K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
2/16/21 4:01:21 AM
In response to Sanket_Kumbharkhane

yes @Keerthi97 , it looks good and can try on a lower environment or Stage first before pushing it to production.

Views

1.0K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
3/4/21 4:57:33 AM

Hi @Sanket_Kumbharkhane ,

In my scenario, I am having post servlet calls modified in the form of resource types instead of /bin/, so could you please suggest some filters to refine and allow the POST servlets present in my project. Also , there are no identical selectors used in forms present in my application.

 

Thanks for your help

Views

891

Replies

0
Sign in to like this content

Total Likes

Translate
Translate