From 768a782dae66134956fc8fb22236b443979715cf Mon Sep 17 00:00:00 2001 From: Philipp Dallig Date: Tue, 27 Sep 2016 14:43:22 +0200 Subject: [PATCH] sirona-aem - use alias for dispatcher filter --- customer/sirona-aem/production.yaml | 100 ++++++++++++++-------------- 1 file changed, 51 insertions(+), 49 deletions(-) diff --git a/customer/sirona-aem/production.yaml b/customer/sirona-aem/production.yaml index f863f80d..83018984 100644 --- a/customer/sirona-aem/production.yaml +++ b/customer/sirona-aem/production.yaml @@ -730,61 +730,63 @@ site::profile::aem::author::pp_vhosts: # auth_user_file: '/etc/httpd/htdigest' # auth_require: 'valid-user' +dispatcher_filter: + - { type: 'deny', glob: '*' } + - { type: 'allow', url: '/' } + - { type: 'allow', url: '*.html' } + - { type: 'allow', url: '*.css' } # enable css + - { type: 'allow', url: '*.gif' } # enable gifs + - { type: 'allow', url: '*.ico' } # enable icos + - { type: 'allow', url: '*.js' } # enable javascript + - { type: 'allow', url: '*.png' } # enable png + - { type: 'allow', url: '*.swf' } # enable flash + - { type: 'allow', url: '*.jpg' } # enable jpg + - { type: 'allow', url: '*.jpeg' } # enable jpeg + - { type: 'allow', url: '*.svg' } # enable svg + - { type: 'allow', url: '*.ttf' } # enable ttf + - { type: 'allow', url: '*.woff' } # enable woff + - { type: 'allow', url: '*.woff2' } # enable woff2 + - { type: 'allow', url: '*.eot' } # enable eot + - { type: 'allow', url: '*.pdf' } # enable pdf + - { type: 'allow', url: '*.wmv' } # enable wmv + - { type: 'allow', url: '*.psd' } # enable psd (Adobe Photoshop Dokument) + - { type: 'allow', url: '*.tif' } # enable tif + - { type: 'allow', url: '*.indd' } # enable indd (Adobe Indesign Dokument) + # Enable features + - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization + - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API + - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API + # Security Rules + - { type: 'deny', url: '/etc/' } + - { type: 'deny', url: '/libs/' } + - { type: 'allow', url: '/etc/designs/*' } + - { type: 'allow', url: '/etc/clientlibs/*' } + - { type: 'allow', url: '/etc/segmentation.segment.js' } + - { type: 'allow', url: '/libs/cq/personalization/components/clickstreamcloud/content/config.json' } + - { type: 'allow', url: '/libs/wcm/stats/tracker.js' } + - { type: 'allow', url: '/libs/cq/personalization/*' } # (JS, CSS and JSON) + - { type: 'allow', url: '/libs/cq/security/userinfo.json' } # (CQ user information) + - { type: 'allow', url: '/libs/granite/security/currentuser.json' } # (data must not be cached) + - { type: 'allow', url: '/libs/cq/i18n/*' } # (Internalization) + # CSRF + - { type: 'allow', url: '/libs/granite/csrf/token.json' } + # Deny content grabbing + - { type: 'deny', url: '*.infinity.json' } + - { type: 'deny', url: '*.tidy.json' } + - { type: 'deny', url: '*.sysview.xml' } + - { type: 'deny', url: '*.docview.json' } + - { type: 'deny', url: '*.docview.xml' } + - { type: 'deny', url: '*.*[0-9].json' } + # Deny query + - { type: 'deny', url: '*.query.json' } + aem::dispatcher::publish_farm: website: clientheaders: - '*' renders: - { hostname: "127.0.0.1", port: '4503' } - filter: - - { type: 'deny', glob: '*' } - - { type: 'allow', url: '/' } - - { type: 'allow', url: '*.html' } - - { type: 'allow', url: '*.css' } # enable css - - { type: 'allow', url: '*.gif' } # enable gifs - - { type: 'allow', url: '*.ico' } # enable icos - - { type: 'allow', url: '*.js' } # enable javascript - - { type: 'allow', url: '*.png' } # enable png - - { type: 'allow', url: '*.swf' } # enable flash - - { type: 'allow', url: '*.jpg' } # enable jpg - - { type: 'allow', url: '*.jpeg' } # enable jpeg - - { type: 'allow', url: '*.svg' } # enable svg - - { type: 'allow', url: '*.ttf' } # enable ttf - - { type: 'allow', url: '*.woff' } # enable woff - - { type: 'allow', url: '*.woff2' } # enable woff2 - - { type: 'allow', url: '*.eot' } # enable eot - - { type: 'allow', url: '*.pdf' } # enable pdf - - { type: 'allow', url: '*.wmv' } # enable wmv - - { type: 'allow', url: '*.psd' } # enable psd (Adobe Photoshop Dokument) - - { type: 'allow', url: '*.tif' } # enable tif - - { type: 'allow', url: '*.indd' } # enable indd (Adobe Indesign Dokument) - # Enable features - - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization - - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API - - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API - # Security Rules - - { type: 'deny', url: '/etc/' } - - { type: 'deny', url: '/libs/' } - - { type: 'allow', url: '/etc/designs/*' } - - { type: 'allow', url: '/etc/clientlibs/*' } - - { type: 'allow', url: '/etc/segmentation.segment.js' } - - { type: 'allow', url: '/libs/cq/personalization/components/clickstreamcloud/content/config.json' } - - { type: 'allow', url: '/libs/wcm/stats/tracker.js' } - - { type: 'allow', url: '/libs/cq/personalization/*' } # (JS, CSS and JSON) - - { type: 'allow', url: '/libs/cq/security/userinfo.json' } # (CQ user information) - - { type: 'allow', url: '/libs/granite/security/currentuser.json' } # (data must not be cached) - - { type: 'allow', url: '/libs/cq/i18n/*' } # (Internalization) - # CSRF - - { type: 'allow', url: '/libs/granite/csrf/token.json' } - # Deny content grabbing - - { type: 'deny', url: '*.infinity.json' } - - { type: 'deny', url: '*.tidy.json' } - - { type: 'deny', url: '*.sysview.xml' } - - { type: 'deny', url: '*.docview.json' } - - { type: 'deny', url: '*.docview.xml' } - - { type: 'deny', url: '*.*[0-9].json' } - # Deny query - - { type: 'deny', url: '*.query.json' } + filter: "%{alias('dispatcher_filter')}" cache_docroot: '/var/www/html/cache' cache_rules: - { type: 'allow', glob: '*' } -- 2.39.5