Expand my Community achievements bar.

SOLVED

Sling Servlet 403 Forbidden Error

Avatar

Level 4

AEM 6.5.5

 

We have a form and we submit the form data to a servlet using post method. We have reactjs and webpack will pack js and added to clientlibs/clientlib-base.

Previously the form submission was working fine but recently it is not working. Even we are getting the same error when we try it from our publish server w ithout via dispatcher.

 

It works well if we remove POST from FilterMethods in Adobe Granite CSRF Filter config. But we cannot remove this in our prod publish.

In some of the threads they are asking to use cq.jquery but we cannot use cq.jquery in ui.frontend project.

Is there something we can pass additionally in the request header so that the server will honor the request.

 

It will be helpful if some has solution for it. 

 

1 Accepted Solution

Avatar

Correct answer by
Level 6

@saibul : Have you allowed proxy on the clientlib-base. Please check the below for the reference.

kchaurasiya_0-1632387359601.png

 

Thank You.

Keshav Chaurasiya

View solution in original post

5 Replies

Avatar

Level 6

@saibul Can you explain in the details what the operation you are doing with servlet. It will help to understand more on this. As you said form submission was working fine previously using post method and now it is not working.

Are you using the system user in servlet to reading/update any node properties?

 

Thank You.

Keshav Chaurasiya

Avatar

Level 4

@kchaurasiya thanks for your response.

No, just we collecting the values from form sending to a preconfigured email. We are not accessing any node data in the servlet.

Avatar

Correct answer by
Level 6

@saibul : Have you allowed proxy on the clientlib-base. Please check the below for the reference.

kchaurasiya_0-1632387359601.png

 

Thank You.

Keshav Chaurasiya

Avatar

Level 4

@Suraj_Kamdi, Thanks for your response.. sorry it didnt help. I added granite.csrf.standalone value to both dependency as well as dependencies[] property, but no luck.