Highlighted

XSSFilterImpl: Cannot use custom policies warning on /etc/clientcontext/default/content/jcr:content/stores.init.js

nandand81957514

16-11-2017

We use AEM and AEM Community.

In my logs , I have a large number of warnings like the one below:

any hints / ideas on where i could start looking?

Perhaps in the xssProtection? But it's hard to tell what i should be looking for.

Replies

Highlighted

mjb54261515

16-11-2017

Hi by chance do you see any method in com.adobe.granite.xss.impl.XSSFilterImpl  ? that might point to whats missing in your implementation

Highlighted

cmrockwe

19-01-2018

According to a response from Daycare, these log messages can be ignored. However, we believe that certain requests (http://localhost:4502/bin/security/authorizables.json ) generate many such messages. Therefore it is possible slow down or even crash AEM under heavy load of authorizables.json for example. Daycare suggested it is to be fixed in AEM 6.4. in the meantime turning off logging on com.adobe.granite.xss.impl.XSSFilterImpl was the only short term option,