Adding it to "Excluded Resource Paths" works correctly here for me:
https://asciinema.org/a/RFi1kQyk4TCoaCoz5d1ss0o7b On Tue, Feb 19, 2019 at 7:28 AM Cris Rockwell <[email protected]> wrote: > Thanks for the reply, but the suggestion does not work. After repeatedly > testing various values and configurations, I have found neither > sling.content.disposition.excluded.paths or sling.content.disposition.paths > do anything. Perhaps they won't work when > sling.content.disposition.all.paths is true? > > The link was not useful as documentation since it points to the source, > which define the configuration attribute names and descriptions. The names > and descriptions are already obvious when opening the config via > /system/console/configMgr > > Has anyone else successfully set either > sling.content.disposition.excluded.paths or sling.content.disposition.paths > in org.apache.sling.security version 1.1.12? > > > > > On Feb 18, 2019, at 4:55 PM, Andres Bott <[email protected]> wrote: > > > > Hey Chris > > > > I think defining an extension as part of the path would cause this not > to work, > > since the extension is not part of the requests path (your examples) > > > > as fas as I can remember, this should look more like: > > > > "/content/path/*:text/plain" this means apply the filter for every path > bellow content/path except for requests to mime/type text requests. > > > > if you need to pinpoint to the robots txt, you could try: > "/content/path/robots:text/plain" > > > > unfortunately the best documentation i found back when I had to deal > with this was: > https://github.com/apache/sling-org-apache-sling-security/blob/master/src/main/java/org/apache/sling/security/impl/ContentDispositionFilterConfiguration.java > > > > HTH > > > > Andres > > > > > > El 2019-02-18 22:00, Cris Rockwell escribió: > >> Hello Sling Users > >> I am working on an upgrade and have found the changes to > >> org.apache.sling.security.impl.ContentDispositionFilter present > >> problems with rendering robots.txt (text/plain) from a location > >> managed under the dam. After the upgrade it has the header > >> Content-Disposition: attachment. As a result we have started seeing > >> our testing URL’s in search results, which indicates the search-bots > >> are not opening and reading > >> org.apache.sling.security version 1.1.2 ContentDispositionFilter > had a > >> ranking of -2500 (txt file renders) > >> org.apache.sling.security version 1.1.12 ContentDispositionFilter > had > >> a ranking of 25000 (txt file downloads) > >> My attempts to configure Apache Sling Content Disposition Filter have > >> failed. Adding the fully qualified path to "Excluded Resource Paths" > >> does not work. My question related to the section titled "Included > >> Resource Paths & Content Types.” There is a cryptic instruction copied > >> below. What does this mean? Please provide en example specifying the > >> path, excluded content types > >>> These resource paths are covered by the filter. Each entry is of the > form '<path> [ : <excluded content type> {,<excluded content type>} ]'. > Invalid entries are logged and ignored. <path> must be an absolute path and > may contain a wildcard ('*') at the end, to match every resource path with > the given path prefix. (sling.content.disposition.paths) > >> I have guessed at different entries, but they do not take affect. > >> /content/path/robots.txt[text/plain] > >> /content/path/robots.txt [text/plain] > >> /content/path/robots.txt:text/plain > >> If I uncheck "Enable For All Resource Paths” in the Apache Sling > >> Content Disposition Filter, then the header Content-Disposition: > >> attachment goes away and it renders as expected. But seems like an > >> extreme solution especially given the fact that Content Disposition > >> Filter was used and worked at the previous version mentioned. Please > >> note that although I have provided some context about the a specific > >> problem, my question is about how to configure "Included Resource > >> Paths & Content Types” using path and mime types. > >> Thanks! > >> Cris > >
