Documentation

How to check URLs blocked by XSS Protection | AEM

Last update: Wed Mar 06 2024 00:00:00 GMT+0000 (Coordinated Universal Time)

Learn how to check URLs blocked by Cross-site scripting (XSS) Protection in Adobe Experience Manager with the steps outlined in this article.

Description description

Environment

Adobe Experience Manager

Issue/Symptoms

If you’re experiencing an issue where a link URL is not being rendered on a page in Adobe Experience Manager (AEM), it could be due to Cross-site scripting (XSS) Protection. This security feature prevents invalid URLs that may cause XSS attacks from being displayed. To troubleshoot this issue, one can check the URLs that have been blocked by the XSS Protection feature.
The article provides step-by-step instructions on how to do this.

Follow the AEM 6.5 Security User guide for more details on XSS Protection

Resolution resolution

Check the blocked URLs as follows:

  1. Go to Web Console > Sling > XSS Protection (or Access http://localhost:4502/system/console/xssprotection)

  2. Check URL and Times Blocked values under Blocked URLs in Status tab

recommendation-more-help
3d58f420-19b5-47a0-a122-5c9dab55ec7f