cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

Clickjacking issue - adding multiple url patterns in a single filter mapping

Abdul L Koyappayil
Explorer ,
Sep 24, 2014 Sep 24, 2014

Copy link to clipboard

Copied

This is regarding Clickjacking issue. To prevent the clickjacking issue I have added the below setting in the config file (web.xml).


<filter-mapping>
<filter-name>CFClickJackFilterDeny</filter-name>
<url-pattern>https://abcd.rw.xyz.com/mer/nao/app_v4/*</url-pattern>
</filter-mapping>


I have one doubt here . I need to prevent this clickjacking issue for another application as well ( say , https://abcd.rw.xyz.com/mer/nao/app_v5/*). But I did this by adding one more filter-mapping , apart from the one mentioned above, in the config file . Can I achieve this by adding multiple url-patterns in the same filter-mapping?.If possible which is the best method?. I mean creating a new filter-mapping or adding more than one url patterns in the same filter-mapping?.


Any idea or thoughts well appreciated?

Views

2.6K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

BKBK Community Expert
Community Expert , Sep 24, 2014 Sep 24, 2014

In this case, you may use one set of <filter-mapping><filter-name> elements with multiple <url-pattern> elements. That design is actually better than one in which you set one url-pattern for each <filter-mapping> element. In the latter design, the underlying Java code will create extra objects to represent the additional filter mappings, unnecessarily.

Votes

Translate

Translate
replies 6 Replies 6
latest latest Jump to latest reply
BKBK Community Expert
Community Expert ,
Sep 24, 2014 Sep 24, 2014

Copy link to clipboard

Copied

In this case, you may use one set of <filter-mapping><filter-name> elements with multiple <url-pattern> elements. That design is actually better than one in which you set one url-pattern for each <filter-mapping> element. In the latter design, the underlying Java code will create extra objects to represent the additional filter mappings, unnecessarily.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Abdul L Koyappayil
Explorer ,
Sep 24, 2014 Sep 24, 2014

Copy link to clipboard

Copied

In Response To BKBK

Is it like below.

<filter-mapping>

  <filter-name>CFClickJackFilterDeny</filter-name>

  <url-pattern>/mer/nao/app_v4/*</url-pattern>

  <url-pattern>/mer/nao/app_v5/*</url-pattern>

</filter-mapping>

Just to check the rule is correct or not.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
BKBK Community Expert
Community Expert ,
Sep 24, 2014 Sep 24, 2014

Copy link to clipboard

Copied

In Response To Abdul L Koyappayil

Right.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
BKBK Community Expert
Community Expert ,
Sep 25, 2014 Sep 25, 2014

Copy link to clipboard

Copied

In Response To Abdul L Koyappayil

It would benefit many to know how you got on with your settings for multiple url-patterns. Would you please share your experience with us?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Abdul L Koyappayil
Explorer ,
Sep 29, 2014 Sep 29, 2014

Copy link to clipboard

Copied

In Response To BKBK

Sorry for the delay..... Its working fine using multiple url-patterns as well.... Thanks BK

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
BKBK Community Expert
Community Expert ,
Sep 30, 2014 Sep 30, 2014

Copy link to clipboard

Copied

LATEST
In Response To Abdul L Koyappayil

@Abdul

Thanks for sharing your experience.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Copyright © 2023 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices