Expand my Community achievements bar.

SOLVED

Best way to POST a form from IOS ContentSync app to AEM Servlet

Avatar

Level 1
Level 1
11/15/16 8:29:12 AM

Use Case - We have a shell IOS app and they content for the app comes from AEM Content Sync. We are introducing couple of forms to be submitted via App, these forms will POST data to a servlet on AEM Publish instance. The POST data contains fields outside the form data, coming form IOS application settings/configurations.

Issue - Sling Referrer Filter blocks the POST from the IOS app.

Possible Solution(s)

1) Use AJAX based POST to Add referrer header

var main_url = "http://www.example1.com"; var referrer = "http://www.example2.com"; $.ajax({ url: main_url, dataType: "json", headers: {'X-Alt-Referer': referrer }, success: function(data){ console.log(data); } });

2) Serve the form from AEM instead of the local content copy created by the ContentSync

What is the recommended approach, I would prefer not to make AEM call to serve the forms; from what I have been told, Apple has strict rules on serving such content in App

Views

906

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Employee
Employee
11/15/16 9:13:51 AM

Hi Ameesh,

Setting the referrer header in your JS code would be a security issue, so it is not permitted by the browser (or in this case, Cordova container).

You can bypass the Referrer Filter by overriding your app's user agent with a value that does not contain "Mozilla" or "Opera", in effect indicating that these requests are not coming from a browser. Place the following line in your app's config.xml, replacing "Custom User Agent String" with the value you would like to use:

<preference name="OverrideUserAgent" value="Custom User Agent String" />

To see the exact check done by the Sling Referrer Filter, check out the source code here: https://github.com/apache/sling/blob/4df9ab2d6592422889c71fa13afd453a10a5a626/contrib/extensions/sec...

View solution in original post

Views

777

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Correct answer by
Employee
Employee
11/15/16 9:13:51 AM

Hi Ameesh,

Setting the referrer header in your JS code would be a security issue, so it is not permitted by the browser (or in this case, Cordova container).

You can bypass the Referrer Filter by overriding your app's user agent with a value that does not contain "Mozilla" or "Opera", in effect indicating that these requests are not coming from a browser. Place the following line in your app's config.xml, replacing "Custom User Agent String" with the value you would like to use:

<preference name="OverrideUserAgent" value="Custom User Agent String" />

To see the exact check done by the Sling Referrer Filter, check out the source code here: https://github.com/apache/sling/blob/4df9ab2d6592422889c71fa13afd453a10a5a626/contrib/extensions/sec...

Views

778

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 1
Level 1
11/15/16 9:50:29 AM

Thanks!!

My bad I should have looked at the code for filter, assumed it was failing with POSTMan it would fail on application as well. 

Views

551

Replies

0
Sign in to like this content

Total Likes

Translate
Translate