diff --git a/src/main/archetype/dispatcher.cloud/src/conf.d/available_vhosts/default.vhost b/src/main/archetype/dispatcher.cloud/src/conf.d/available_vhosts/default.vhost
index e170bd817..e284b2055 100644
--- a/src/main/archetype/dispatcher.cloud/src/conf.d/available_vhosts/default.vhost
+++ b/src/main/archetype/dispatcher.cloud/src/conf.d/available_vhosts/default.vhost
@@ -1,5 +1,5 @@
#
-# This is the default publish virtualhost definition for Apache.
+# This is the default publish virtualhost definition for Apache.
#
# DO NOT EDIT this file, your changes will have no impact on your deployment.
#
@@ -23,7 +23,7 @@ Include conf.d/variables/custom.vars
Header add X-Vhost "publish"
-
+
# Some items cache with the wrong mime type
# Use this option to use the name to auto-detect mime types when cached improperly
@@ -37,7 +37,6 @@ Include conf.d/variables/custom.vars
Options FollowSymLinks
AllowOverride None
- Require all granted
# Insert filter
SetOutputFilter DEFLATE
# Don't compress images
@@ -45,6 +44,10 @@ Include conf.d/variables/custom.vars
# Prevent clickjacking
Header always append X-Frame-Options SAMEORIGIN
+
+ AllowOverride None
+ Require all granted
+
# Enabled to allow rewrites to take affect and not be ignored by the dispatcher module
DispatcherUseProcessedURL On
diff --git a/src/main/archetype/dispatcher.cloud/src/conf.d/dispatcher_vhost.conf b/src/main/archetype/dispatcher.cloud/src/conf.d/dispatcher_vhost.conf
index 450e32df6..385e84503 100644
--- a/src/main/archetype/dispatcher.cloud/src/conf.d/dispatcher_vhost.conf
+++ b/src/main/archetype/dispatcher.cloud/src/conf.d/dispatcher_vhost.conf
@@ -10,6 +10,28 @@ ServerName dispatcher
Include conf.d/variables/default.vars
Include conf.d/variables/global.vars
+
+# WARNING!!! The probe paths below are INTERNAL and RESERVED - please DO NOT USE them in your virtual host configurations!
+
+# Liveness probe URL
+Alias "/system/probes/live" /etc/httpd/probes/live-status.json
+# Readiness probe URL
+Alias "/system/probes/ready" /etc/httpd/probes/ready-status.json
+# Startup probe URL
+Alias "/system/probes/start" /etc/httpd/probes/startup-status.json
+
+# internal probes endpoint
+
+ RewriteEngine Off
+
+
+
+ SetHandler default-handler
+ AllowOverride None
+ Require all granted
+
+
+
#SKYOPS-13837: Proxy static frontend code requests through dispatcher
SSLProxyEngine on
@@ -76,12 +98,18 @@ Include conf.d/variables/global.vars
Header unset Age
-# Allow ingressroute checks through on /systemready (regardless of dispatcher filters)
+# (legacy) Allow ingressroute checks through on /systemready (regardless of dispatcher filters)
ProxyPass http://${AEM_HOST}:${AEM_PORT}/systemready
RewriteEngine Off
+# new Health probe URL to legacy /systemready URL mapping
+
+ ProxyPass http://${AEM_HOST}:${AEM_PORT}/systemready
+ RewriteEngine Off
+
+
# Allow access to CRXDE on dev environment
@@ -93,6 +121,10 @@ Include conf.d/variables/global.vars
# CQ-4287185: Allow access to magento reverse-proxy endpoint
SSLProxyEngine on
+ # CIF-2557 add ProxyRemote to tunnel reverse-proxy traffic through egress proxy if available
+
+ ProxyRemote ${COMMERCE_ENDPOINT} "http://${AEM_HTTP_PROXY_HOST}:${AEM_HTTP_PROXY_PORT}"
+
ProxyPass ${COMMERCE_ENDPOINT}
ProxyPassReverse ${COMMERCE_ENDPOINT}
@@ -107,6 +139,19 @@ Include conf.d/variables/global.vars
Require all denied
+# internal metadata endpoint
+Alias "/gitinit-status" /etc/httpd/metadata/gitinit-status.json
+
+
+ RewriteEngine Off
+
+
+
+ SetHandler default-handler
+ AllowOverride None
+ Require expr "%{HTTP_HOST} == '${POD_NAME}'"
+
+
Include conf.d/enabled_vhosts/*.vhost
# Create a catch-all vhost
diff --git a/src/main/archetype/dispatcher.cloud/src/conf.dispatcher.d/filters/default_filters.any b/src/main/archetype/dispatcher.cloud/src/conf.dispatcher.d/filters/default_filters.any
index 5af14b347..43af2ce64 100644
--- a/src/main/archetype/dispatcher.cloud/src/conf.dispatcher.d/filters/default_filters.any
+++ b/src/main/archetype/dispatcher.cloud/src/conf.dispatcher.d/filters/default_filters.any
@@ -52,7 +52,7 @@
# AEM Forms specific filters
# to allow AF specific endpoints for prefill, submit and sign
-/0032 { /type "allow" /path "/content/forms/af/*" /method "POST" /selectors '(submit|internalsubmit|agreement|signSubmit|prefilldata|save)' /extension '(jsp|json)' }
+/0032 { /type "allow" /path "/content/forms/af/*" /method "POST" /selectors '(submit|internalsubmit|agreement|signSubmit|prefilldata|save|analyticsconfigparser)' /extension '(jsp|json)' }
# to allow AF specific endpoints for thank you page
/0033 { /type "allow" /path "/content/forms/af/*" /method "GET" /selectors '(guideThankYouPage|guideAsyncThankYouPage)' /extension '(html)'}
@@ -69,6 +69,9 @@
# to allow invoke service functionality (FDM)
/0037 { /type "allow" /path "/content/forms/*" /selectors '(af)' /extension '(dermis)' }
+# to allow forms portal draft and submissions component operation servlet
+/0038 { /type "allow" /path "/content/*" /method "GET" /selectors '(fp)' /extension '(operation)' }
+
# AEM Screens Filters
# to allow AEM Screens channels selectors
/0050 { /type "allow" /method "GET" /url "/screens/channels.json" }
@@ -80,6 +83,12 @@
# to allow site30 theme servlet
/0052 { /type "allow" /extension "theme" /path "/content/*" }
+# Allow manifest.webmanifest files located in the content
+/0053 { /type "allow" /extension "webmanifest" /path "/content/*/manifest" }
+
+# Allow Apache Sling Sitemap selectors: sitemap, sitemap-index, sitemap.any-nested-or-named-sitemap
+/0054 { /type "allow" /method "GET" /path "/content/*" /selectors 'sitemap(-index)?' /extension "xml" }
+
# Allow GraphQL & preflight requests
# GraphQL also supports "GET" requests, if you intend to use "GET" add a rule in filters.any
/0060 { /type "allow" /method '(POST|OPTIONS)' /url "/content/_cq_graphql/*/endpoint.json" }
@@ -87,5 +96,5 @@
# GraphQL Persisted Queries & preflight requests
/0061 { /type "allow" /method '(GET|POST|OPTIONS)' /url "/graphql/execute.json*" }
-# Allow Forms Doc Generation requests
-/0062 { /type "allow" /method "POST" /url "/adobe/forms/doc/*" }
+# Allow Forms Document Services requests
+/0062 { /type "allow" /method "POST" /url "/adobe/forms/*" }