Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
SOLVED

Regexp is not working in Apache Sling Referrer filter

Avatar

Level 4

I need to allow some of the external domains to access the application which is built on AEM. For that I have given the full domain url (<protocol>://<server>:<port>) in Allowed Hosts under Apache Sling Referrer filter in OSGI console. It works fine and its able to make the POST requests. Now I want to change that to a regex so that it will allow a series of external application domains. So I have added the below regex on the Apache Sling Referrer filter:

/^(https?):\/\/([A-Z\d\.-]{2,})\.([A-Z]{2,})(:\d{2,4})?/i

But its not working. Its throwing Forbidden error - 403 for POST requests.

So my question is can we include regexp in Allowed Hosts under Apache Sling Referrer filter in OSGI console ? 

 

 

1 Accepted Solution

Avatar

Correct answer by
Administrator

Hi

Please have a look at this community article, this might will help you.

Link:-https://aem6solutions.wordpress.com/2015/06/19/apache-sling-referrer-filter/

//Go to the Felix Console – http://localhost:4502/system/console/configMgr
Search for “Apache Sling Referrer Filter”
Select “Allow Empty”    This will disable the referrer security check in CQ5 for your developer instance.

Also make sure, regular expression is correct.

Just FYI...

Regex if you want to ensure URL starts with HTTPS

https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)

 

I hope this will help you.

Thanks and Regards

Kautuk Sahni



Kautuk Sahni

View solution in original post

3 Replies

Avatar

Correct answer by
Administrator

Hi

Please have a look at this community article, this might will help you.

Link:-https://aem6solutions.wordpress.com/2015/06/19/apache-sling-referrer-filter/

//Go to the Felix Console – http://localhost:4502/system/console/configMgr
Search for “Apache Sling Referrer Filter”
Select “Allow Empty”    This will disable the referrer security check in CQ5 for your developer instance.

Also make sure, regular expression is correct.

Just FYI...

Regex if you want to ensure URL starts with HTTPS

https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)

 

I hope this will help you.

Thanks and Regards

Kautuk Sahni



Kautuk Sahni

Avatar

Level 3

Try this in a helloworld. I would imagine that filter uses something like this to verify the referrer hosts.

Pattern.compile(your regex).matcher("your referer url - only http(s)://host:port").matches()

Avatar

Level 4

Thanks for the reply. The problem was with the regexp. I changed it and it worked.

I need to implement these changes in production so I cant select “Allow Empty” as this will disable the referrer security check and it allows all the domains.