diff --git a/src/main/archetype/dispatcher.cloud/src/conf.d/dispatcher_vhost.conf b/src/main/archetype/dispatcher.cloud/src/conf.d/dispatcher_vhost.conf index 3e48cfbfb..b6368b61f 100644 --- a/src/main/archetype/dispatcher.cloud/src/conf.d/dispatcher_vhost.conf +++ b/src/main/archetype/dispatcher.cloud/src/conf.d/dispatcher_vhost.conf @@ -15,8 +15,6 @@ Include conf.d/variables/global.vars # Liveness probe URL Alias "/system/probes/live" probes/live-status.json -# Readiness probe URL -Alias "/system/probes/ready" probes/ready-status.json # Startup probe URL Alias "/system/probes/start" probes/startup-status.json 
@@ -111,16 +109,53 @@ Alias "/system/probes/start" probes/startup-status.json -# Legacy /systemready mapped to new Health probe URL /system/probes/health in AEM - - ProxyPass http://${AEM_HOST}:${AEM_PORT}/system/probes/health - RewriteEngine Off - - -# Allow ingressroute checks through on /system/probes/health (regardless of dispatcher filters) - - ProxyPass http://${AEM_HOST}:${AEM_PORT}/system/probes/health - RewriteEngine Off +# managed redirect maps not configured (= backward-compatible) + + # Legacy /systemready mapped to new Health probe URL /system/probes/health in AEM + + ProxyPass http://${AEM_HOST}:${AEM_PORT}/system/probes/health + RewriteEngine Off + + + # Allow ingressroute checks through on /system/probes/health (regardless of dispatcher filters) + + ProxyPass http://${AEM_HOST}:${AEM_PORT}/system/probes/health + RewriteEngine Off + + +# managed redirect maps configured + + # check if traffic can be already allowed to pass (404/redirects not existing yet prevention) + + # Legacy /systemready mapped to new Health probe URL /system/probes/health in AEM + + ProxyPass http://${AEM_HOST}:${AEM_PORT}/system/probes/health + RewriteEngine Off + + + # Allow ingressroute checks through on /system/probes/health (regardless of dispatcher filters) + + ProxyPass http://${AEM_HOST}:${AEM_PORT}/system/probes/health + RewriteEngine Off + + + # else forcing "403 Forbidden" for Health probes + # "Any code greater than or equal to 200 and less than 400 indicates success. Any other code indicates failure." + # as per https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ + + + Require all denied + + + Require all denied + + + + +# Readiness probe for K8S Endpoints also depends on AEM readiness probe + + ProxyPass http://${AEM_HOST}:${AEM_PORT}/system/probes/ready + RewriteEngine Off # Allow access to CRXDE on dev environment 
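Review bot: The readiness block at the end of this hunk proxies `/system/probes/ready` to `http://${AEM_HOST}:${AEM_PORT}/system/probes/ready` with `RewriteEngine Off`, but unlike the health blocks above it has no remark that the request skips the dispatcher filters. Before this commit the path was a static alias to `probes/ready-status.json`, so it now reaches the publish instance on every call. The container directives are not visible on this page; if nothing there limits the caller, I would say so in the comment, e.g. `# Proxied to AEM regardless of dispatcher filters; reachable by any client of this vhost`, and confirm that the AEM response carries no internal detail.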
@@ -228,48 +263,48 @@ Alias "/gitinit-status" metadata/gitinit-status.json Require expr "%{HTTP_HOST} == '${POD_NAME}'" -# Dedicated vhost for EaaS: +# Dedicated vhost for Adobe proxy testing: # (currently disabled, but customers can expect it to be enabled in future versions - CQ-4349728) -# -# ServerName "test.eaas" -# # possibility to make overrides before directives in this vhost -# IncludeOptional conf.d/includes/first-listed-vhost.pre.includes -# # since this vhost is first-listed one, this setting influences other vhosts - see https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestfieldsize -# LimitRequestFieldSize 32768 -# DocumentRoot /var/www/localhost/htdocs -# AllowEncodedSlashes NoDecode -# -# Header add X-Vhost "test.eaas" -# -# -# Options Indexes FollowSymLinks -# AllowOverride None -# Require all granted -# -# -# # SKYOPS-49434: Allow EaaS to access publish instance directly for dev and stage environments when test.eaas vhost is requested -# -# -# ProxyPassMatch http://${AEM_HOST}:${AEM_PORT} -# RewriteEngine Off -# -# -# -# -# ProxyPassMatch http://${AEM_HOST}:${AEM_PORT} -# RewriteEngine Off -# -# -# # 403 Forbidden on prod -# -# -# RewriteEngine on -# RewriteRule ^ - [F] -# -# -# # possibility to make overrides after directives in this vhost -# IncludeOptional conf.d/includes/first-listed-vhost.post.includes -# + + ServerName "test.proxy" + # possibility to make overrides before directives in this vhost + IncludeOptional conf.d/includes/first-listed-vhost.pre.includes + # since this vhost is first-listed one, this setting influences other vhosts - see https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestfieldsize + LimitRequestFieldSize 32768 + DocumentRoot /var/www/localhost/htdocs + AllowEncodedSlashes NoDecode + + Header add X-Vhost "test.proxy" + + + Options Indexes FollowSymLinks + AllowOverride None + Require all granted + + + # SKYOPS-49434: Allow EaaS to access publish instance directly for dev and stage environments when 
test.proxy vhost is requested + + + ProxyPassMatch http://${AEM_HOST}:${AEM_PORT} + RewriteEngine Off + + + + + ProxyPassMatch http://${AEM_HOST}:${AEM_PORT} + RewriteEngine Off + + + # 403 Forbidden on prod + + + RewriteEngine on + RewriteRule ^ - [F] + + + # possibility to make overrides after directives in this vhost + IncludeOptional conf.d/includes/first-listed-vhost.post.includes + # Customer's vhosts: Include conf.d/enabled_vhosts/*.vhost diff --git a/src/main/archetype/dispatcher.cloud/src/conf.dispatcher.d/available_farms/default.farm b/src/main/archetype/dispatcher.cloud/src/conf.dispatcher.d/available_farms/default.farm index a6bfbeeaf..a35f6a889 100644 --- a/src/main/archetype/dispatcher.cloud/src/conf.dispatcher.d/available_farms/default.farm +++ b/src/main/archetype/dispatcher.cloud/src/conf.dispatcher.d/available_farms/default.farm @@ -9,6 +9,9 @@ # /publishfarm { + # Dispatcher Debugging Flag + # Include X-Cache-Info response header if X-Dispatcher-Info is in request header + # /info "1" # client headers which should be passed through to the render instances # (feature supported since dispatcher build 2.6.3.5222) /clientheaders { @@ -34,6 +37,7 @@ # /url "/libs/granite/dispatcher/content/vanityUrls.html" # /file "/tmp/vanity_urls" # /delay 300 + # /loadOnStartup 1 # } # allow propagation of replication posts (should seldomly be used) /propagateSyndPost "0" 
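Review bot: Uncommenting this block makes the `test.proxy` vhost live, and its own comment calls it the first-listed vhost, which httpd uses as the default for requests whose Host header matches no other ServerName. The conditions wrapping the two `ProxyPassMatch http://${AEM_HOST}:${AEM_PORT}` blocks are not visible on this page; if they test only the environment type, unmatched-Host requests on dev and stage would be proxied to publish without dispatcher filters, so they should also check the requested host. `Options Indexes FollowSymLinks` together with `Require all granted` enables directory listings for that directory; `Options FollowSymLinks` is enough unless listings are intended. The header line `(currently disabled, but customers can expect it to be enabled in future versions - CQ-4349728)` is now stale and should be updated.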
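Review bot: The added `/info "1"` example at the top of `/publishfarm` does not say where it is safe to enable. As the comment describes it, any client that sends `X-Dispatcher-Info` gets the `X-Cache-Info` response header back, which discloses caching decisions to whoever asks. I would extend the comment with a line such as `# Debugging aid only - keep disabled on production`.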
@@ -86,9 +90,17 @@ } # The ignoreUrlParams section contains query string parameter names that # should be ignored when determining whether some request's output can be - # cached or delivered from cache. + # cached or delivered from cache. Please only enable one of the examples below. + # The recommended setting is to ignore all parameters and selectively allow them. e.g. + # /ignoreUrlParams { + # /0001 { /glob "*" /type "allow" } + # /0002 { /glob "page" /type "deny" } + # /0003 { /glob "product" /type "deny" } + # } + # # In this example configuration, the "q" parameter will be ignored as # well as general marketing related parameters such as e.g. utm_campaign. + # If any other parameters are specified the request gets forwarded to the publisher. # Marketing parameters can normally be ignored on most websites as they are tracked # through different means. # /ignoreUrlParams { diff --git a/src/main/archetype/dispatcher.cloud/src/conf.dispatcher.d/filters/default_filters.any b/src/main/archetype/dispatcher.cloud/src/conf.dispatcher.d/filters/default_filters.any index ae35ff0ec..e1aa7229c 100644 --- a/src/main/archetype/dispatcher.cloud/src/conf.dispatcher.d/filters/default_filters.any +++ b/src/main/archetype/dispatcher.cloud/src/conf.dispatcher.d/filters/default_filters.any @@ -96,8 +96,8 @@ # GraphQL Persisted Queries & preflight requests /0061 { /type "allow" /method '(GET|POST|OPTIONS)' /url "/graphql/execute.json*" } -# Allow Forms Document Services requests -/0062 { /type "allow" /method '(GET|POST)' /url "/adobe/forms/*" } +# Allow Adaptive Form & Document Services requests +/0062 { /type "allow" /method '(GET|POST|OPTIONS)' /url "/adobe/forms/*" } # Allow PUT for Forms DocAssurance Services Decryption API /0063 { /type "allow" /method "PUT" /url "/adobe/forms/document/assure/encrypt" }
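Review bot: The new recommended example uses `/glob "*" /type "allow"` while the sentence above it says to "ignore all parameters and selectively allow them", so "allow" is used in two opposite senses. In this section `/type "allow"` marks a parameter as ignored for caching and `/type "deny"` (here `page` and `product`) marks one that must not be ignored. A parameter that changes the rendered output but stays ignored makes one cached response serve every value of it, so the comment should state that each output-affecting parameter needs a `deny` rule, e.g. `# "allow" = ignored for caching, "deny" = parameter is significant and the request goes to the publisher`.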
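Review bot: Rule `/0062` now admits `OPTIONS` for the whole `/adobe/forms/*` prefix, but the reworded comment does not say why, whereas `/0061` above names preflight requests. If the purpose is CORS preflight, say so: `# Allow Adaptive Form & Document Services requests (OPTIONS for CORS preflight)`. Since the dispatcher will now pass preflights through, which origins are accepted for these endpoints depends entirely on the CORS policy on the AEM side, which is not part of this diff.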