This works for testing, but not for a long term solution. We need to use this form to make the post request within the iframe itself in AEM. Adding the path to the list of URLs that do not require authentication seems like the best option for now

Thank you for the replies,@vanegi, @BrianKasingli Adding the path to the list of URLs that do not require authentication certainly worked, however it feels like a bit of a workaround. Is there no other way? What has changed in v6.4.8.1? Also I am not sure how I would add a request header from an HTM...

I have an HTML form inside an iframe that makes a POST request to an AEM servlet. The servlet path is excluded by the Adobe Granite CSRF Filter, and the host making the POST request has been added to the Allowed Hosts in the Apache Sling Referrer Filter. On AEM 6.4.8.0, everything works fine, howeve...

@Jörg_Hoh Yes, we are trying to add cache-control: max-age=0, no-cache, no-store, must-revalidate to the response so that the CDN does not cache the page, but the cache-control header is missing from the response when we try to set it using the Header directive.

Yes, we are trying to add cache-control: max-age=0, no-cache, no-store, must-revalidate so that the CDN does not cache the page, but the header is missing from the response when we try to set it using th

In the release notes for Dispatcher v4.3.3, it mentions an improvement:DISP-818 - mod_expires adds Cache-Control headers for uncacheable contentDoes anyone know what this improvement actually does? We are trying to use the Apache mod_headers to add Cache-Control to certain responses, but it does not...

I did not realise the cache control: max-age=0 was not a Dispatcher out of the box feature, sorry. In our Apache web server, we are adding the "cache-control: max-age=0, no-cache, no-store, must-revalidate" to all responses that do not contain the Etag header, as this means the page is not cached. T...

We are experiencing some unusual behaviour regarding Dispatcher. If we make a request to a page that should not be cached according to out dispatcher rules, and the request contains query parameters, then the response is missing the Cache-Control header.We would expect to see cache-control: max-age=...

Hi, to clarify, dispatcher is working correctly, caching pages that are required to be cached. Also, the ACS Commons Dispatcher TTL also works correctly, however it only adds the header to requests that do not contain any query params. However, for requests that contain an ignored query param, ACS C...

I am using the ACS Commons Dispatcher TTL feature to set max-age headers to certain requests. I've also configured a list of query parameters which are ignored by Dispatcher. Both of these are working as expected. However, if a request is made to a page that contains ignored query parameters, then t...