Thanks for the reply, but the suggestion does not work. After repeatedly testing various values and configurations, I have found neither sling.content.disposition.excluded.paths or sling.content.disposition.paths do anything. Perhaps they won't work when sling.content.disposition.all.paths is true?
The link was not useful as documentation since it points to the source, which define the configuration attribute names and descriptions. The names and descriptions are already obvious when opening the config via /system/console/configMgr Has anyone else successfully set either sling.content.disposition.excluded.paths or sling.content.disposition.paths in org.apache.sling.security version 1.1.12? > On Feb 18, 2019, at 4:55 PM, Andres Bott <cont...@andresbott.com> wrote: > > Hey Chris > > I think defining an extension as part of the path would cause this not to > work, > since the extension is not part of the requests path (your examples) > > as fas as I can remember, this should look more like: > > "/content/path/*:text/plain" this means apply the filter for every path > bellow content/path except for requests to mime/type text requests. > > if you need to pinpoint to the robots txt, you could try: > "/content/path/robots:text/plain" > > unfortunately the best documentation i found back when I had to deal with > this was: > https://github.com/apache/sling-org-apache-sling-security/blob/master/src/main/java/org/apache/sling/security/impl/ContentDispositionFilterConfiguration.java > > HTH > > Andres > > > El 2019-02-18 22:00, Cris Rockwell escribió: >> Hello Sling Users >> I am working on an upgrade and have found the changes to >> org.apache.sling.security.impl.ContentDispositionFilter present >> problems with rendering robots.txt (text/plain) from a location >> managed under the dam. After the upgrade it has the header >> Content-Disposition: attachment. As a result we have started seeing >> our testing URL’s in search results, which indicates the search-bots >> are not opening and reading >> org.apache.sling.security version 1.1.2 ContentDispositionFilter had a >> ranking of -2500 (txt file renders) >> org.apache.sling.security version 1.1.12 ContentDispositionFilter had >> a ranking of 25000 (txt file downloads) >> My attempts to configure Apache Sling Content Disposition Filter have >> failed. Adding the fully qualified path to "Excluded Resource Paths" >> does not work. My question related to the section titled "Included >> Resource Paths & Content Types.” There is a cryptic instruction copied >> below. What does this mean? Please provide en example specifying the >> path, excluded content types >>> These resource paths are covered by the filter. Each entry is of the form >>> '<path> [ : <excluded content type> {,<excluded content type>} ]'. Invalid >>> entries are logged and ignored. <path> must be an absolute path and may >>> contain a wildcard ('*') at the end, to match every resource path with the >>> given path prefix. (sling.content.disposition.paths) >> I have guessed at different entries, but they do not take affect. >> /content/path/robots.txt[text/plain] >> /content/path/robots.txt [text/plain] >> /content/path/robots.txt:text/plain >> If I uncheck "Enable For All Resource Paths” in the Apache Sling >> Content Disposition Filter, then the header Content-Disposition: >> attachment goes away and it renders as expected. But seems like an >> extreme solution especially given the fact that Content Disposition >> Filter was used and worked at the previous version mentioned. Please >> note that although I have provided some context about the a specific >> problem, my question is about how to configure "Included Resource >> Paths & Content Types” using path and mime types. >> Thanks! >> Cris
