Hybris ERR_TOO_MANY_REDIRECTS with Apache AJP proxy?

Problem statement:

We have setup Apache as the reverse proxy using mod_proxy_ajp. When we access any Product or Category having "+" in their name, we get ERR_TOO_MANY_REDIRECTS error.

Solution:

The way Apache handles "+", causes a redirection loop. You can add "nocanon" to your ajp directives to resolve this. Now you are free to use "+" character in the product name.
...
<VirtualHost *:443>
        ...
        ProxyPass       /       ajp://localhost:8009/ nocanon
</VirtualHost>
... 



Allow slash [will not work with Hybris]

If you also want to allow slash "\", then you should configure the proxy server to pass the request URL with no decoded for it. check the below configuration using AllowEncodedSlashes NoDecode
<VirtualHost *:443>
        ...
        AllowEncodedSlashes NoDecode
        ProxyPass       /       ajp://localhost:8009/ nocanon
</VirtualHost>

ProxyPass Keywords nocanon

Normally, mod_proxy will canonicalise ProxyPassed URLs. But this may be incompatible with some backends, particularly those that make use of PATH_INFO. The optional nocanon keyword suppresses this and passes the URL path "raw" to the backend. Note that this keyword may affect the security of your backend, as it removes the normal limited protection against URL-based attacks provided by the proxy.


AllowEncodedSlashes Directive

The AllowEncodedSlashes directive allows URLs which contain encoded path separators (%2F for / and additionally %5C for \ on accordant systems) to be used in the path info.
With the default value, Off, such URLs are refused with a 404 (Not found) error.
With the value On, such URLs are accepted, and encoded slashes are decoded like all other encoded characters.
With the value NoDecode, such URLs are accepted, but encoded slashes are not decoded but left in their encoded state.
Turning AllowEncodedSlashes On is mostly useful when used in conjunction with PATH_INFO.

Note

If encoded slashes are needed in path info, use of NoDecode is strongly recommended as a security measure. Allowing slashes to be decoded could potentially allow unsafe paths.

Author Image

Ankitkumar Patel

Sr. SAP Hybris consultant, having 15+ years experience in SAP Commerce Cloud (Hybris), SAP Spartacus. Extensive experience in SAP Hybris development, third-party integrations, project architecture and design... Read more

Comments

Post a Comment

Popular posts from this blog

Hybris flexible search query examples

Use of Enum in the query Find all running Solr Index jobs select {cj.code},{enum:code},{cj.startTime},{cj.endTime} from { SolrIndexerCronJob! as cj join EnumerationValue as enum on {cj.status}={enum.pk} } where {enum:code} = 'RUNNING' Compare Date in the flexiblesearch query Find all running Solr Index jobs from the given date select {cj.code},{enum:code},{cj.startTime},{cj.endTime} from { SolrIndexerCronJob! as cj join EnumerationValue as enum on {cj.status}={enum.pk} } where {enum:code} = 'RUNNING' and {cj.startTime} >= TO_DATE('2021/12/25','YYYY/MM/DD') Basic  JOIN  and  IN  query Get the most recent order for each customer using flexible search. select {o.code} as orderCode, {c.name} as name, {a.cellphone} as cellphone from {order as o join Customer as c on {c.pk} = {o.user} join Address as a on {o.deliveryaddress} = {a.pk} } where {o.code} in ({{select max({cod
Read more

How to Install temporary Hybris license?

LICENSE VERIFICATION HAS FAILED! Your demo/develop license has expired, it is valid only for 30 days. How to install temp SAP Hybris license? Don't worry, you can install a temporary license. To install a temporary license 1) Remove  installedSaplicenses.properties  from the license folder \hybris\config\licence 2) Go to the Platform directory and run the  ./license.sh -temp CPS_SQL  or  license.bat -temp CPS_SQL . If you are using DB other than HSQL you can choose the right command based on your DB.   Windows run  license.bat  instead of  ./license.sh OOTB HSQL DB ./license.sh -temp CPS_SQL MySQL DB ./license.sh -temp CPS_MYS Oracle DB ./license.sh -temp CPS_ORA SQL Server DB ./license.sh -temp CPS_MSS SAP Hana DB ./license.sh -temp CPS_HDB Once you install using the above command, You will get a message like First temporary license key installed. 3) Verify your license by running  ./license.sh -show , which will give you System, Hardwar
Read more

How to remove or update all data records in Hybris?

Scenario 1: I want to remove all the data from the Hybris ItemType. Solution: If you want to remove all records for particular itemType. Then you can do it using HAC Impex import. Open HAC (/hac) Go to console > ImpEx Import Run the below Impex (Change MyItemType with the ItemType for which you want to remove the data) $targetType=MyItemType REMOVE $targetType[batchmode=true];itemtype(code)[unique=true] ;$targetType Scenario 2: Sometimes, you want to remove selected data based on some condition or probably want to run complex SQL query. Then we wish if we could do it by writing SQL query, as many of developers are aware of syntax and its resources are easily available. Solution: Yes, you can do it in Hybris HAC also. Only thing is you should know the appropriate table and attribute/fields names in DB. If you don't, you can always run the select flexible search query and can see generated SQL query. Open HAC (/hac) Go to console > FlexibleSearch Se
Read more