This is correct. The Content Disposition Filter causes the asset to download as a security measure. You could technically embed a malicious script inside say an SVG asset which if rendered within the browser could execute code unknowingly.

This is the public AEM demo site for AEM As a Cloud Service  https://www.wknd.site/  

1) AEM 6.2 is end of life -- you really should be migrating off this version as it's no longer in support. 2) Only the Admin user (or users who were explicitly whitelisted by Admin in the Apache Sling Web Console Security Provider) can access the OSGI Consoleorg.apache.sling.extensions.webconsolesec...

1) Try capturing some thread dumps to understand what server side processing is happening. Use this script here : https://github.com/cqsupport/jstackSeries.sh 2) If the performance issue is specific to page load times you can also capture a HAR file of the network traffic in the web browser to under...

You have a messed up node at : /conf/global/settings/granite/operations/maintenance/granite_weekly  Just delete this custom maintenance config node via CRX/DE and the Dashboard will display. 

See : https://sling.apache.org/documentation/bundles/output-rewriting-pipelines-org-apache-sling-rewriter.html#configuring-a-processor

root is level 0, apps is 1, infy 2, jdelafon 3, config 4, rewriter 5, versioned-clientlibs 6

/apps/infy/jdelafon/config/rewriter/versioned-clientlibs is 6 levels deep.

The JCR Installer (by default) only looks 4 levels deep. You need to make an OSGI config change to max.depth to get to the 5th level. 

The i18n bundle relies on a cache that doesn't necessarily populate new items that are added to the dictionary after the cache was initially built. You'll likely need to trigger the cache to rebuild manually to see your new dictionary entry picked up. An effective workaround to accomplish this is th...