Apache Sling Content Disposition Filter

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Apache Sling Content Disposition Filter

Christopher Rockwell
Hello Sling Users

I am working on an upgrade and have found the changes to org.apache.sling.security.impl.ContentDispositionFilter present problems with rendering robots.txt (text/plain) from a location managed under the dam. After the upgrade it has the header Content-Disposition: attachment. As a result we have started seeing our testing URL’s in search results, which indicates the search-bots are not opening and reading

org.apache.sling.security version 1.1.2 ContentDispositionFilter had a ranking of -2500 (txt file renders)
org.apache.sling.security version 1.1.12 ContentDispositionFilter had a ranking of 25000 (txt file downloads)

My attempts to configure Apache Sling Content Disposition Filter have failed. Adding the fully qualified path to "Excluded Resource Paths" does not work. My question related to the section titled "Included Resource Paths & Content Types.” There is a cryptic instruction copied below. What does this mean? Please provide en example specifying the path, excluded content types

> These resource paths are covered by the filter. Each entry is of the form '<path> [ : <excluded content type> {,<excluded content type>} ]'. Invalid entries are logged and ignored. <path> must be an absolute path and may contain a wildcard ('*') at the end, to match every resource path with the given path prefix. (sling.content.disposition.paths)


I have guessed at different entries, but they do not take affect.
/content/path/robots.txt[text/plain]
/content/path/robots.txt [text/plain]
/content/path/robots.txt:text/plain

If I uncheck "Enable For All Resource Paths” in the Apache Sling Content Disposition Filter, then the header Content-Disposition: attachment goes away and it renders as expected. But seems like an extreme solution especially given the fact that Content Disposition Filter was used and worked at the previous version mentioned. Please note that although I have provided some context about the a specific problem, my question is about how to configure "Included Resource Paths & Content Types” using path and mime types.

Thanks!
Cris
Reply | Threaded
Open this post in threaded view
|

Re: Apache Sling Content Disposition Filter

Andres Bott
Hey Chris

I think defining an extension as part of the path would cause this not
to work,
since the extension is not part of the requests path (your examples)

as fas as I can remember, this should look more like:

"/content/path/*:text/plain" this means apply the filter for every path
bellow content/path except for requests to mime/type text requests.

if you need to pinpoint to the robots txt, you could try:
"/content/path/robots:text/plain"

unfortunately the best documentation i found back when I had to deal
with this was:
https://github.com/apache/sling-org-apache-sling-security/blob/master/src/main/java/org/apache/sling/security/impl/ContentDispositionFilterConfiguration.java

HTH

Andres


El 2019-02-18 22:00, Cris Rockwell escribió:

> Hello Sling Users
>
> I am working on an upgrade and have found the changes to
> org.apache.sling.security.impl.ContentDispositionFilter present
> problems with rendering robots.txt (text/plain) from a location
> managed under the dam. After the upgrade it has the header
> Content-Disposition: attachment. As a result we have started seeing
> our testing URL’s in search results, which indicates the search-bots
> are not opening and reading
>
> org.apache.sling.security version 1.1.2 ContentDispositionFilter had a
> ranking of -2500 (txt file renders)
> org.apache.sling.security version 1.1.12 ContentDispositionFilter had
> a ranking of 25000 (txt file downloads)
>
> My attempts to configure Apache Sling Content Disposition Filter have
> failed. Adding the fully qualified path to "Excluded Resource Paths"
> does not work. My question related to the section titled "Included
> Resource Paths & Content Types.” There is a cryptic instruction copied
> below. What does this mean? Please provide en example specifying the
> path, excluded content types
>
>> These resource paths are covered by the filter. Each entry is of the
>> form '<path> [ : <excluded content type> {,<excluded content type>}
>> ]'. Invalid entries are logged and ignored. <path> must be an absolute
>> path and may contain a wildcard ('*') at the end, to match every
>> resource path with the given path prefix.
>> (sling.content.disposition.paths)
>
>
> I have guessed at different entries, but they do not take affect.
> /content/path/robots.txt[text/plain]
> /content/path/robots.txt [text/plain]
> /content/path/robots.txt:text/plain
>
> If I uncheck "Enable For All Resource Paths” in the Apache Sling
> Content Disposition Filter, then the header Content-Disposition:
> attachment goes away and it renders as expected. But seems like an
> extreme solution especially given the fact that Content Disposition
> Filter was used and worked at the previous version mentioned. Please
> note that although I have provided some context about the a specific
> problem, my question is about how to configure "Included Resource
> Paths & Content Types” using path and mime types.
>
> Thanks!
> Cris
Reply | Threaded
Open this post in threaded view
|

Re: Apache Sling Content Disposition Filter

Christopher Rockwell
Thanks for the reply, but the suggestion does not work. After repeatedly testing various values and configurations, I have found neither sling.content.disposition.excluded.paths or sling.content.disposition.paths do anything. Perhaps they won't work when sling.content.disposition.all.paths is true?

The link was not useful as documentation since it points to the source, which define the configuration attribute names and descriptions. The names and descriptions are already obvious when opening the config via /system/console/configMgr

Has anyone else successfully set either sling.content.disposition.excluded.paths or sling.content.disposition.paths in org.apache.sling.security version 1.1.12?



> On Feb 18, 2019, at 4:55 PM, Andres Bott <[hidden email]> wrote:
>
> Hey Chris
>
> I think defining an extension as part of the path would cause this not to work,
> since the extension is not part of the requests path (your examples)
>
> as fas as I can remember, this should look more like:
>
> "/content/path/*:text/plain" this means apply the filter for every path bellow content/path except for requests to mime/type text requests.
>
> if you need to pinpoint to the robots txt, you could try: "/content/path/robots:text/plain"
>
> unfortunately the best documentation i found back when I had to deal with this was: https://github.com/apache/sling-org-apache-sling-security/blob/master/src/main/java/org/apache/sling/security/impl/ContentDispositionFilterConfiguration.java
>
> HTH
>
> Andres
>
>
> El 2019-02-18 22:00, Cris Rockwell escribió:
>> Hello Sling Users
>> I am working on an upgrade and have found the changes to
>> org.apache.sling.security.impl.ContentDispositionFilter present
>> problems with rendering robots.txt (text/plain) from a location
>> managed under the dam. After the upgrade it has the header
>> Content-Disposition: attachment. As a result we have started seeing
>> our testing URL’s in search results, which indicates the search-bots
>> are not opening and reading
>> org.apache.sling.security version 1.1.2 ContentDispositionFilter had a
>> ranking of -2500 (txt file renders)
>> org.apache.sling.security version 1.1.12 ContentDispositionFilter had
>> a ranking of 25000 (txt file downloads)
>> My attempts to configure Apache Sling Content Disposition Filter have
>> failed. Adding the fully qualified path to "Excluded Resource Paths"
>> does not work. My question related to the section titled "Included
>> Resource Paths & Content Types.” There is a cryptic instruction copied
>> below. What does this mean? Please provide en example specifying the
>> path, excluded content types
>>> These resource paths are covered by the filter. Each entry is of the form '<path> [ : <excluded content type> {,<excluded content type>} ]'. Invalid entries are logged and ignored. <path> must be an absolute path and may contain a wildcard ('*') at the end, to match every resource path with the given path prefix. (sling.content.disposition.paths)
>> I have guessed at different entries, but they do not take affect.
>> /content/path/robots.txt[text/plain]
>> /content/path/robots.txt [text/plain]
>> /content/path/robots.txt:text/plain
>> If I uncheck "Enable For All Resource Paths” in the Apache Sling
>> Content Disposition Filter, then the header Content-Disposition:
>> attachment goes away and it renders as expected. But seems like an
>> extreme solution especially given the fact that Content Disposition
>> Filter was used and worked at the previous version mentioned. Please
>> note that although I have provided some context about the a specific
>> problem, my question is about how to configure "Included Resource
>> Paths & Content Types” using path and mime types.
>> Thanks!
>> Cris

Reply | Threaded
Open this post in threaded view
|

Re: Apache Sling Content Disposition Filter

Joey Smith
Adding it to "Excluded Resource Paths" works correctly here for me:

https://asciinema.org/a/RFi1kQyk4TCoaCoz5d1ss0o7b

On Tue, Feb 19, 2019 at 7:28 AM Cris Rockwell <[hidden email]> wrote:

> Thanks for the reply, but the suggestion does not work. After repeatedly
> testing various values and configurations, I have found neither
> sling.content.disposition.excluded.paths or sling.content.disposition.paths
> do anything. Perhaps they won't work when
> sling.content.disposition.all.paths is true?
>
> The link was not useful as documentation since it points to the source,
> which define the configuration attribute names and descriptions. The names
> and descriptions are already obvious when opening the config via
> /system/console/configMgr
>
> Has anyone else successfully set either
> sling.content.disposition.excluded.paths or sling.content.disposition.paths
> in org.apache.sling.security version 1.1.12?
>
>
>
> > On Feb 18, 2019, at 4:55 PM, Andres Bott <[hidden email]> wrote:
> >
> > Hey Chris
> >
> > I think defining an extension as part of the path would cause this not
> to work,
> > since the extension is not part of the requests path (your examples)
> >
> > as fas as I can remember, this should look more like:
> >
> > "/content/path/*:text/plain" this means apply the filter for every path
> bellow content/path except for requests to mime/type text requests.
> >
> > if you need to pinpoint to the robots txt, you could try:
> "/content/path/robots:text/plain"
> >
> > unfortunately the best documentation i found back when I had to deal
> with this was:
> https://github.com/apache/sling-org-apache-sling-security/blob/master/src/main/java/org/apache/sling/security/impl/ContentDispositionFilterConfiguration.java
> >
> > HTH
> >
> > Andres
> >
> >
> > El 2019-02-18 22:00, Cris Rockwell escribió:
> >> Hello Sling Users
> >> I am working on an upgrade and have found the changes to
> >> org.apache.sling.security.impl.ContentDispositionFilter present
> >> problems with rendering robots.txt (text/plain) from a location
> >> managed under the dam. After the upgrade it has the header
> >> Content-Disposition: attachment. As a result we have started seeing
> >> our testing URL’s in search results, which indicates the search-bots
> >> are not opening and reading
> >> org.apache.sling.security version 1.1.2      ContentDispositionFilter
> had a
> >> ranking of -2500 (txt file renders)
> >> org.apache.sling.security version 1.1.12     ContentDispositionFilter
> had
> >> a ranking of 25000 (txt file downloads)
> >> My attempts to configure Apache Sling Content Disposition Filter have
> >> failed. Adding the fully qualified path to "Excluded Resource Paths"
> >> does not work. My question related to the section titled "Included
> >> Resource Paths & Content Types.” There is a cryptic instruction copied
> >> below. What does this mean? Please provide en example specifying the
> >> path, excluded content types
> >>> These resource paths are covered by the filter. Each entry is of the
> form '<path> [ : <excluded content type> {,<excluded content type>} ]'.
> Invalid entries are logged and ignored. <path> must be an absolute path and
> may contain a wildcard ('*') at the end, to match every resource path with
> the given path prefix. (sling.content.disposition.paths)
> >> I have guessed at different entries, but they do not take affect.
> >> /content/path/robots.txt[text/plain]
> >> /content/path/robots.txt [text/plain]
> >> /content/path/robots.txt:text/plain
> >> If I uncheck "Enable For All Resource Paths” in the Apache Sling
> >> Content Disposition Filter, then the header Content-Disposition:
> >> attachment goes away and it renders as expected. But seems like an
> >> extreme solution especially given the fact that Content Disposition
> >> Filter was used and worked at the previous version mentioned. Please
> >> note that although I have provided some context about the a specific
> >> problem, my question is about how to configure "Included Resource
> >> Paths & Content Types” using path and mime types.
> >> Thanks!
> >> Cris
>
>
Reply | Threaded
Open this post in threaded view
|

Re: Apache Sling Content Disposition Filter

Christopher Rockwell
Thanks. Now I know that it can work even though it certainly not working for me! Here is the same style of test showing my robots path included w/ sling.content.disposition.excluded.paths.

curl -fs -u admin:admin 'http://localhost:4502/system/console/configMgr/org.apache.sling.security.impl.ContentDispositionFilter.json'
[{"pid":"org.apache.sling.security.impl.ContentDispositionFilter","title":"Apache Sling Content Disposition Filter","description":"Request filter adding Content Disposition header with value 'attachment' for certain paths\/content types. Independent of the configuration only resource paths are covered which contain a property named 'jcr:data' or 'jcr:content\\jcr:data'.","properties":{"sling.content.disposition.paths":{"name":"Included Resource Paths & Content Types","optional":false,"is_set":true,"type":1,"values":[""],"description":"These resource paths are covered by the filter. Each entry is of the form '<path> [ : <excluded content type> {,<excluded content type>} ]'. Invalid entries are logged and ignored. <path> must be an absolute path and may contain a wildcard ('*') at the end, to match every resource path with the given path prefix. (sling.content.disposition.paths)"},"sling.content.disposition.excluded.paths":{"name":"Excluded Resource Paths","optional":false,"is_set":true,"type":1,"values":["\/libs\/cq\/ui\/resources\/0.html","\/etc\/dam\/viewers\/s7viewers\/html5\/s7sdkclose.html","\/etc\/dam\/viewers\/s7viewers\/html5\/CarouselViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/eCatalogViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/BasicVideoViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/BasicZoomViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/ZoomViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/FlyoutViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/SpinViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/VideoViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/MixedMediaViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/InteractiveImage.html","\/etc\/dam\/viewers\/s7viewers\/html5\/InteractiveVideoViewer.html","\/etc\/dam\/viewers\/s7sdk\/2.9\/flash\/VideoPlayer.swf","\/etc\/dam\/viewers\/s7sdk\/dev\/flash\/VideoPlayer.swf","\/etc\/dam\/viewers\/s7sdk\/2.10\/flash\/VideoPlayer.swf","\/etc\/dam\/viewers\/s7sdk\/2.11\/flash\/VideoPlayer.swf","\/etc\/clientlibs\/foundation\/shared\/endorsed\/swf\/slideshow.swf","\/etc\/dam\/viewers\/s7sdk\/3.0\/flash\/VideoPlayer.swf","\/etc\/dam\/viewers\/s7sdk\/3.1\/flash\/VideoPlayer.swf","\/etc\/dam\/viewers\/s7sdk\/3.2\/flash\/VideoPlayer.swf","\/content\/dam\/path\/robots.txt"],"description":"These resource paths are excluded from the filter. Each resource path must be given as absolute and fully qualified path. Prefix matching\/wildcards are not supported. (sling.content.disposition.excluded.paths)"},"sling.content.disposition.all.paths":{"name":"Enable For All Resource Paths","optional":false,"is_set":true,"type":11,"value":true,"description":"This flag controls whether to enable this filter for all paths, except for the excluded paths defined by sling.content.disposition.excluded.paths. Setting this to 'true' leads to ignoring 'sling.content.disposition.path'. (sling.content.disposition.all.paths)"}},"bundleLocation":"","bundle_location":null,"service_location":""}]%

curl -vfs -u admin:admin http://localhost:4502/content/dam/path/robots.txt
*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 4502 (#0)
* Server auth using Basic with user 'admin'
> GET /content/dam/michigan-lsa/admin/robots.txt HTTP/1.1
> Host: localhost:4502
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Last-Modified: Thu, 14 Feb 2019 19:08:25 GMT
< Content-Disposition: attachment
< Content-Type: text/plain;charset=iso-8859-1
< Content-Length: 25
<
User-agent: *
* Connection #0 to host localhost left intact
Disallow: /%








> On Feb 19, 2019, at 11:55 AM, Joey Smith <[hidden email]> wrote:
>
> Adding it to "Excluded Resource Paths" works correctly here for me:
>
> https://asciinema.org/a/RFi1kQyk4TCoaCoz5d1ss0o7b
>
> On Tue, Feb 19, 2019 at 7:28 AM Cris Rockwell <[hidden email]> wrote:
>
>> Thanks for the reply, but the suggestion does not work. After repeatedly
>> testing various values and configurations, I have found neither
>> sling.content.disposition.excluded.paths or sling.content.disposition.paths
>> do anything. Perhaps they won't work when
>> sling.content.disposition.all.paths is true?
>>
>> The link was not useful as documentation since it points to the source,
>> which define the configuration attribute names and descriptions. The names
>> and descriptions are already obvious when opening the config via
>> /system/console/configMgr
>>
>> Has anyone else successfully set either
>> sling.content.disposition.excluded.paths or sling.content.disposition.paths
>> in org.apache.sling.security version 1.1.12?
>>
>>
>>
>>> On Feb 18, 2019, at 4:55 PM, Andres Bott <[hidden email]> wrote:
>>>
>>> Hey Chris
>>>
>>> I think defining an extension as part of the path would cause this not
>> to work,
>>> since the extension is not part of the requests path (your examples)
>>>
>>> as fas as I can remember, this should look more like:
>>>
>>> "/content/path/*:text/plain" this means apply the filter for every path
>> bellow content/path except for requests to mime/type text requests.
>>>
>>> if you need to pinpoint to the robots txt, you could try:
>> "/content/path/robots:text/plain"
>>>
>>> unfortunately the best documentation i found back when I had to deal
>> with this was:
>> https://github.com/apache/sling-org-apache-sling-security/blob/master/src/main/java/org/apache/sling/security/impl/ContentDispositionFilterConfiguration.java
>>>
>>> HTH
>>>
>>> Andres
>>>
>>>
>>> El 2019-02-18 22:00, Cris Rockwell escribió:
>>>> Hello Sling Users
>>>> I am working on an upgrade and have found the changes to
>>>> org.apache.sling.security.impl.ContentDispositionFilter present
>>>> problems with rendering robots.txt (text/plain) from a location
>>>> managed under the dam. After the upgrade it has the header
>>>> Content-Disposition: attachment. As a result we have started seeing
>>>> our testing URL’s in search results, which indicates the search-bots
>>>> are not opening and reading
>>>> org.apache.sling.security version 1.1.2      ContentDispositionFilter
>> had a
>>>> ranking of -2500 (txt file renders)
>>>> org.apache.sling.security version 1.1.12     ContentDispositionFilter
>> had
>>>> a ranking of 25000 (txt file downloads)
>>>> My attempts to configure Apache Sling Content Disposition Filter have
>>>> failed. Adding the fully qualified path to "Excluded Resource Paths"
>>>> does not work. My question related to the section titled "Included
>>>> Resource Paths & Content Types.” There is a cryptic instruction copied
>>>> below. What does this mean? Please provide en example specifying the
>>>> path, excluded content types
>>>>> These resource paths are covered by the filter. Each entry is of the
>> form '<path> [ : <excluded content type> {,<excluded content type>} ]'.
>> Invalid entries are logged and ignored. <path> must be an absolute path and
>> may contain a wildcard ('*') at the end, to match every resource path with
>> the given path prefix. (sling.content.disposition.paths)
>>>> I have guessed at different entries, but they do not take affect.
>>>> /content/path/robots.txt[text/plain]
>>>> /content/path/robots.txt [text/plain]
>>>> /content/path/robots.txt:text/plain
>>>> If I uncheck "Enable For All Resource Paths” in the Apache Sling
>>>> Content Disposition Filter, then the header Content-Disposition:
>>>> attachment goes away and it renders as expected. But seems like an
>>>> extreme solution especially given the fact that Content Disposition
>>>> Filter was used and worked at the previous version mentioned. Please
>>>> note that although I have provided some context about the a specific
>>>> problem, my question is about how to configure "Included Resource
>>>> Paths & Content Types” using path and mime types.
>>>> Thanks!
>>>> Cris
>>
>>

Reply | Threaded
Open this post in threaded view
|

Re: Apache Sling Content Disposition Filter

Joey Smith
Well, the first thing I notice here is that the path in your Content
Disposition Filter doesn't match the path to the DAM resource
(/content/dam/path/robots.txt vs /content/dam/michigan-lsa/admin/robots.txt)

On Tue, Feb 19, 2019 at 11:33 AM Cris Rockwell <[hidden email]> wrote:

> Thanks. Now I know that it can work even though it certainly not working
> for me! Here is the same style of test showing my robots path included w/
> sling.content.disposition.excluded.paths.
>
> curl -fs -u admin:admin '
> http://localhost:4502/system/console/configMgr/org.apache.sling.security.impl.ContentDispositionFilter.json
> '
> [{"pid":"org.apache.sling.security.impl.ContentDispositionFilter","title":"Apache
> Sling Content Disposition Filter","description":"Request filter adding
> Content Disposition header with value 'attachment' for certain
> paths\/content types. Independent of the configuration only resource paths
> are covered which contain a property named 'jcr:data' or
> 'jcr:content\\jcr:data'.","properties":{"sling.content.disposition.paths":{"name":"Included
> Resource Paths & Content
> Types","optional":false,"is_set":true,"type":1,"values":[""],"description":"These
> resource paths are covered by the filter. Each entry is of the form '<path>
> [ : <excluded content type> {,<excluded content type>} ]'. Invalid entries
> are logged and ignored. <path> must be an absolute path and may contain a
> wildcard ('*') at the end, to match every resource path with the given path
> prefix.
> (sling.content.disposition.paths)"},"sling.content.disposition.excluded.paths":{"name":"Excluded
> Resource
> Paths","optional":false,"is_set":true,"type":1,"values":["\/libs\/cq\/ui\/resources\/0.html","\/etc\/dam\/viewers\/s7viewers\/html5\/s7sdkclose.html","\/etc\/dam\/viewers\/s7viewers\/html5\/CarouselViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/eCatalogViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/BasicVideoViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/BasicZoomViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/ZoomViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/FlyoutViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/SpinViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/VideoViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/MixedMediaViewer.html","\/etc\/dam\/viewers\/s7viewers\/html5\/InteractiveImage.html","\/etc\/dam\/viewers\/s7viewers\/html5\/InteractiveVideoViewer.html","\/etc\/dam\/viewers\/s7sdk\/2.9\/flash\/VideoPlayer.swf","\/etc\/dam\/viewers\/s7sdk\/dev\/flash\/VideoPlayer.swf","\/etc\/dam\/viewers\/s7sdk\/2.10\/flash\/VideoPlayer.swf","\/etc\/dam\/viewers\/s7sdk\/2.11\/flash\/VideoPlayer.swf","\/etc\/clientlibs\/foundation\/shared\/endorsed\/swf\/slideshow.swf","\/etc\/dam\/viewers\/s7sdk\/3.0\/flash\/VideoPlayer.swf","\/etc\/dam\/viewers\/s7sdk\/3.1\/flash\/VideoPlayer.swf","\/etc\/dam\/viewers\/s7sdk\/3.2\/flash\/VideoPlayer.swf","\/content\/dam\/path\/robots.txt"],"description":"These
> resource paths are excluded from the filter. Each resource path must be
> given as absolute and fully qualified path. Prefix matching\/wildcards are
> not supported.
> (sling.content.disposition.excluded.paths)"},"sling.content.disposition.all.paths":{"name":"Enable
> For All Resource
> Paths","optional":false,"is_set":true,"type":11,"value":true,"description":"This
> flag controls whether to enable this filter for all paths, except for the
> excluded paths defined by sling.content.disposition.excluded.paths. Setting
> this to 'true' leads to ignoring 'sling.content.disposition.path'.
> (sling.content.disposition.all.paths)"}},"bundleLocation":"","bundle_location":null,"service_location":""}]%
>
> curl -vfs -u admin:admin http://localhost:4502/content/dam/path/robots.txt
> *   Trying ::1...
> * TCP_NODELAY set
> * Connected to localhost (::1) port 4502 (#0)
> * Server auth using Basic with user 'admin'
> > GET /content/dam/michigan-lsa/admin/robots.txt HTTP/1.1
> > Host: localhost:4502
> > Authorization: Basic YWRtaW46YWRtaW4=
> > User-Agent: curl/7.54.0
> > Accept: */*
> >
> < HTTP/1.1 200 OK
> < Last-Modified: Thu, 14 Feb 2019 19:08:25 GMT
> < Content-Disposition: attachment
> < Content-Type: text/plain;charset=iso-8859-1
> < Content-Length: 25
> <
> User-agent: *
> * Connection #0 to host localhost left intact
> Disallow: /%
>
>
>
>
>
>
>
>
> > On Feb 19, 2019, at 11:55 AM, Joey Smith <[hidden email]> wrote:
> >
> > Adding it to "Excluded Resource Paths" works correctly here for me:
> >
> > https://asciinema.org/a/RFi1kQyk4TCoaCoz5d1ss0o7b
> >
> > On Tue, Feb 19, 2019 at 7:28 AM Cris Rockwell <[hidden email]>
> wrote:
> >
> >> Thanks for the reply, but the suggestion does not work. After repeatedly
> >> testing various values and configurations, I have found neither
> >> sling.content.disposition.excluded.paths or
> sling.content.disposition.paths
> >> do anything. Perhaps they won't work when
> >> sling.content.disposition.all.paths is true?
> >>
> >> The link was not useful as documentation since it points to the source,
> >> which define the configuration attribute names and descriptions. The
> names
> >> and descriptions are already obvious when opening the config via
> >> /system/console/configMgr
> >>
> >> Has anyone else successfully set either
> >> sling.content.disposition.excluded.paths or
> sling.content.disposition.paths
> >> in org.apache.sling.security version 1.1.12?
> >>
> >>
> >>
> >>> On Feb 18, 2019, at 4:55 PM, Andres Bott <[hidden email]>
> wrote:
> >>>
> >>> Hey Chris
> >>>
> >>> I think defining an extension as part of the path would cause this not
> >> to work,
> >>> since the extension is not part of the requests path (your examples)
> >>>
> >>> as fas as I can remember, this should look more like:
> >>>
> >>> "/content/path/*:text/plain" this means apply the filter for every path
> >> bellow content/path except for requests to mime/type text requests.
> >>>
> >>> if you need to pinpoint to the robots txt, you could try:
> >> "/content/path/robots:text/plain"
> >>>
> >>> unfortunately the best documentation i found back when I had to deal
> >> with this was:
> >>
> https://github.com/apache/sling-org-apache-sling-security/blob/master/src/main/java/org/apache/sling/security/impl/ContentDispositionFilterConfiguration.java
> >>>
> >>> HTH
> >>>
> >>> Andres
> >>>
> >>>
> >>> El 2019-02-18 22:00, Cris Rockwell escribió:
> >>>> Hello Sling Users
> >>>> I am working on an upgrade and have found the changes to
> >>>> org.apache.sling.security.impl.ContentDispositionFilter present
> >>>> problems with rendering robots.txt (text/plain) from a location
> >>>> managed under the dam. After the upgrade it has the header
> >>>> Content-Disposition: attachment. As a result we have started seeing
> >>>> our testing URL’s in search results, which indicates the search-bots
> >>>> are not opening and reading
> >>>> org.apache.sling.security version 1.1.2      ContentDispositionFilter
> >> had a
> >>>> ranking of -2500 (txt file renders)
> >>>> org.apache.sling.security version 1.1.12     ContentDispositionFilter
> >> had
> >>>> a ranking of 25000 (txt file downloads)
> >>>> My attempts to configure Apache Sling Content Disposition Filter have
> >>>> failed. Adding the fully qualified path to "Excluded Resource Paths"
> >>>> does not work. My question related to the section titled "Included
> >>>> Resource Paths & Content Types.” There is a cryptic instruction copied
> >>>> below. What does this mean? Please provide en example specifying the
> >>>> path, excluded content types
> >>>>> These resource paths are covered by the filter. Each entry is of the
> >> form '<path> [ : <excluded content type> {,<excluded content type>} ]'.
> >> Invalid entries are logged and ignored. <path> must be an absolute path
> and
> >> may contain a wildcard ('*') at the end, to match every resource path
> with
> >> the given path prefix. (sling.content.disposition.paths)
> >>>> I have guessed at different entries, but they do not take affect.
> >>>> /content/path/robots.txt[text/plain]
> >>>> /content/path/robots.txt [text/plain]
> >>>> /content/path/robots.txt:text/plain
> >>>> If I uncheck "Enable For All Resource Paths” in the Apache Sling
> >>>> Content Disposition Filter, then the header Content-Disposition:
> >>>> attachment goes away and it renders as expected. But seems like an
> >>>> extreme solution especially given the fact that Content Disposition
> >>>> Filter was used and worked at the previous version mentioned. Please
> >>>> note that although I have provided some context about the a specific
> >>>> problem, my question is about how to configure "Included Resource
> >>>> Paths & Content Types” using path and mime types.
> >>>> Thanks!
> >>>> Cris
> >>
> >>
>
>
Reply | Threaded
Open this post in threaded view
|

Re: Apache Sling Content Disposition Filter

Christopher Rockwell
Yea well... I was trying to avoid disclosing that.





> On Feb 19, 2019, at 2:07 PM, Joey Smith <[hidden email]> wrote:
>
> tch the