Expand my Community achievements bar.

Guidelines for the Responsible Use of Generative AI in the Experience Cloud Community.
SOLVED

Restricting Query Strings in dispatcher.any not working

Avatar

Level 2

I want to disable any URL with query strings but allow those that don't.  The "Note:" section of Configuring Dispatcher says the following should work:

/0001 { /type "deny" /method "*" /url "/mysite/content/test/*" }

/0002 { /type "allow" /method "GET" /url "/mysite/content/test/*" }

/0003 { /type "deny" /method "GET" /url "/mysite/content/test/*" /query "*" }

When I try https://my.site.com/mysite/content/test/home.html, it is getting blocked /0003

It should work, given "If a rule contains a /query, it will only match requests that contain a query string and match the provided query pattern."

For testing purposes my /filter section only contains those 3 rules.

1 Accepted Solution

Avatar

Correct answer by
Level 2

It turns out there is an issue with the dispatcher version we are using.  I don't know if it effects all platforms, but it is not working correctly on 4.2.0 on IIS, x64 non-ssl version.

I tested the same exact dispatcher configuration (dispatcher.any) on the latest dispatcher (v4.2.3) and the filter rules are working correctly with query strings.

View solution in original post

7 Replies

Avatar

Employee

Hello,

Make sure you have dispatcher version 4.1.5 or greater than 4.1.5.

Regards,

Vishu

Avatar

Level 2

I should have mentioned that.  We are using 4.2.0 on IIS.  x64 non-ssl version.

Avatar

Level 4

Hi,

Could you please remove the "mysite" from path and try?, you need to define only AEM path which is like /content/ , /apps/ , /etc/.

Eg :

/0001 { /type "deny" /method "*" /url "/content/test/*" }

/0002 { /type "allow" /method "GET" /url "/content/test/*" }

/0003 { /type "deny" /method "GET" /url "/content/test/*" /query "*" }

Wondering why your sample dispatcher URL looks /mysite/content/test/home.html , the best practice is always starts with /content/ like mysite.com/content/test

Thanks!

Avatar

Level 2

That didn't work.  We run AEM within an application server and it's not possible to run at the root.  (We even had ACS unseccuessufully attempt to change that).  All of our /filter rules are prefixed with /mysite and we haven't had any issues since we launched the site over two years ago.

I added a fourth rule to test your suggestion.

/0004 { /type "allow" /method "GET" /url "/content/test/*" /query "a=*" }

https://my.site.com/mysite/content/test/home.html?a=test does not work.  It does work when rule 4 is:

/0004 { /type "allow" /method "GET" /url "/mysite/content/test/*" /query "a=*" }

Avatar

Employee

/0029 { /type "allow" /method "GET" /url "/content/geometrixx-outdoors.html" }

/0030 { /type "deny" /method "GET" /url "/content/geometrixx-outdoors.html" /query "*" }

Above should work, however content might be getting served from cache regardless of query string attached or not

Avatar

Level 1

Hi nivedtha,

I am having some doubts regarding the AEM can you please help me out

[Personal contact info removed]

Avatar

Correct answer by
Level 2

It turns out there is an issue with the dispatcher version we are using.  I don't know if it effects all platforms, but it is not working correctly on 4.2.0 on IIS, x64 non-ssl version.

I tested the same exact dispatcher configuration (dispatcher.any) on the latest dispatcher (v4.2.3) and the filter rules are working correctly with query strings.