Regexp is not working in Apache Sling Referrer filter

Question

I need to allow some of the external domains to access the application which is built on AEM. For that I have given the full domain url (<protocol>://<server>:<port>) in Allowed Hosts under Apache Sling Referrer filter in OSGI console. It works fine and its able to make the POST requests. Now I want to change that to a regex so that it will allow a series of external application domains. So I have added the below regex on the Apache Sling Referrer filter:

/^(https?):\/\/([A-Z\d\.-]{2,})\.([A-Z]{2,})(:\d{2,4})?/i

But its not working. Its throwing Forbidden error - 403 for POST requests.

So my question is can we include regexp in Allowed Hosts under Apache Sling Referrer filter in OSGI console ?

kautuk_sahni · Accepted Answer

HiPlease have a look at this community article, this might will help you.Link:-https://aem6solutions.wordpress.com/2015/06/19/apache-sling-referrer-filter///Go to the Felix Console – http://localhost:4502/system/console/configMgrSearch for “Apache Sling Referrer Filter”Select “Allow Empty”  This will disable the referrer security check in CQ5 for your developer instance.Also make sure, regular expression is correct.Just FYI...Regex if you want to ensure URL starts with HTTPShttps?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)I hope this will help you.Thanks and RegardsKautuk Sahni

abhishekb · Answer

Try this in a helloworld. I would imagine that filter uses something like this to verify the referrer hosts.Pattern.compile(your regex).matcher("your referer url - only http(s)://host:port").matches()

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded