Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!
SOLVED

Regexp is not working in Apache Sling Referrer filter

Avatar

Level 4
Level 4
7/25/16 1:21:13 PM

I need to allow some of the external domains to access the application which is built on AEM. For that I have given the full domain url (<protocol>://<server>:<port>) in Allowed Hosts under Apache Sling Referrer filter in OSGI console. It works fine and its able to make the POST requests. Now I want to change that to a regex so that it will allow a series of external application domains. So I have added the below regex on the Apache Sling Referrer filter:

/^(https?):\/\/([A-Z\d\.-]{2,})\.([A-Z]{2,})(:\d{2,4})?/i

But its not working. Its throwing Forbidden error - 403 for POST requests.

So my question is can we include regexp in Allowed Hosts under Apache Sling Referrer filter in OSGI console ? 

 

 

Views

2.1K

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Administrator
Administrator
7/26/16 6:00:07 AM

Hi

Please have a look at this community article, this might will help you.

Link:-https://aem6solutions.wordpress.com/2015/06/19/apache-sling-referrer-filter/

//Go to the Felix Console – http://localhost:4502/system/console/configMgr
Search for “Apache Sling Referrer Filter”
Select “Allow Empty”    This will disable the referrer security check in CQ5 for your developer instance.

Also make sure, regular expression is correct.

Just FYI...

Regex if you want to ensure URL starts with HTTPS

https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)

 

I hope this will help you.

Thanks and Regards

Kautuk Sahni



Kautuk Sahni

View solution in original post

Views

1.2K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Correct answer by
Administrator
Administrator
7/26/16 6:00:07 AM

Hi

Please have a look at this community article, this might will help you.

Link:-https://aem6solutions.wordpress.com/2015/06/19/apache-sling-referrer-filter/

//Go to the Felix Console – http://localhost:4502/system/console/configMgr
Search for “Apache Sling Referrer Filter”
Select “Allow Empty”    This will disable the referrer security check in CQ5 for your developer instance.

Also make sure, regular expression is correct.

Just FYI...

Regex if you want to ensure URL starts with HTTPS

https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)

 

I hope this will help you.

Thanks and Regards

Kautuk Sahni



Kautuk Sahni

Views

1.2K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 3
Level 3
7/26/16 12:30:52 PM

Try this in a helloworld. I would imagine that filter uses something like this to verify the referrer hosts.

Pattern.compile(your regex).matcher("your referer url - only http(s)://host:port").matches()

Views

1.5K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
7/26/16 1:28:48 PM

Thanks for the reply. The problem was with the regexp. I changed it and it worked.

I need to implement these changes in production so I cant select “Allow Empty” as this will disable the referrer security check and it allows all the domains.

Views

1.4K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
SEO Best Practices for Dyamic Pages in AEM Solved

Views

76

Likes

0

Replies

3
What is the idea way to bring content from Publish to Author in AEMaaCS

Views

154

Likes

0

Replies

7
My custom servlet is not being called

Views

136

Likes

0

Replies

11
Get List of locally created pages from local country site which are not rolled out from language-master

Views

115

Likes

0

Replies

6
Missing vanityurls-components package in software distribution

Views

104

Likes

0

Replies

3