Expand my Community achievements bar.

Who Me Too'd this topic

Avatar

Level 2

Hi All,

As part of aem_hacker.py reports,requested us block the below access in our application.

bin/querybuilder.json.css
bin/querybuilder.feed.css
ibs/cq/security/userinfo.css
crx/de/index.jsp;%0aa.css


I have tried with the below deny rule in dispatcher.any file and it's not worked

 

  1. { /type "deny"  /url"/bin/querybuilder.feed.css" }
  2. { /type "deny"  /url"/bin/querybuilder.json.servlet;%0aa.css" }
  3. { /type "deny"  /url"/crx/de/index.jsp;%0aa.css" }
  4. { /type "deny" /path "/bin/querybuilder*" /selectors '(feed|servlet|json)' /extension '(css)'}
  5. { /type "deny" /url "*.userinfo.css"}
  6. { /type "deny" /url "/crx/*.css"
  7. { /type "deny" /path "/libs/*" }
  8. { /type "deny" /path "/bin/querybuilder*" }

Could you please suggest with solution to fix the hacker.py report issues ?

Who Me Too'd this topic