AEM Code Snippets

How to use a sling service in sightly page without using javascript?

When you try to access sling.getService() in Sightly you will see compilation error "sling cannot be resolved". 
So this can be achieved in sightly using below code snippet.

public class Search extends WCMUse {

    SearchService service

    @Override
    public void activate() throws Exception {
        service = getSlingScriptHelper().getService( SearchService.class );
    }

For AEM 6.2 we can get the service as below
<p data-sly-use.search="com.your.package.SearchServiceImpl">
   ${search.results}
</p>
========================================================================================================

XSS Protection for AEM Servlets:

Add XSS protection in AEM servlets using Apache Sling XSSAPI to avoid any scripts tag injected into request. This avoid any penetration issues.

import org.apache.sling.xss.XSSAPI; 
import org.apache.sling.api.SlingHttpServletRequest; 

XSSAPI xssapi = slingHttpServletRequestObj.adaptTo(XSSAPI.class); 
  String encodedAttr = xssapi.encodeForHTMLAttr(someUnsafeValue);

Default XSS configuration in AEM is available at /libs/cq/xssprotection/config.xml
3 comments :

3 comments :

  1. Avishek Priyadarshi13 December 2017 at 10:09

    I really appreciate the information shared above. It’s of great help. If someone wants to learn Online (Virtual) instructor lead live training in #VEEVA #CRM, kindly contact us http://www.maxmunus.com/contact
    MaxMunus Offer World Class Virtual Instructor-led training on #VEEVA #CRM. We have industry expert trainer. We provide Training Material and Software Support. MaxMunus has successfully conducted 100000+ pieces of training in India, USA, UK, Australia, Switzerland, Qatar, Saudi Arabia, Bangladesh, Bahrain, and UAE etc.
    Avishek Priyadarshi
    MaxMunus
    E-mail: avishek@maxmunus.com
    Skype id: avishek_2.
    Ph:(0) 8553177744 / 080 - 41103383
    http://www.maxmunus.com/

    ReplyDelete
  2. Avishek Priyadarshi24 December 2017 at 10:58

    I really appreciate the information shared above. It’s of great help. MaxMunus provides Remote Support For Corporate and for Individuals. If anyone is facing any issue in his project of #VEEVA #CRM we can support them remotely , kindly Contact MaxMunus
    MaxMunus Offer World Class Industry best Consultant on #VEEVA #VEEVA. We provide end to end Remote Support on Projects. MaxMunus is successfully doing remote support for countries like India, USA, UK, Australia, Switzerland, Qatar, Saudi Arabia, Bangladesh, Bahrain, and UAE etc.
    Avishek Priyadarshi
    MaxMunus
    E-mail: avishek@maxmunus.com
    Skype id: avishek_2.
    Ph:(0) 8553177744 / 080 - 41103383
    www.MaxMunus.com

    ReplyDelete
  3. Mad Designs30 May 2021 at 00:36

    It is genuinely a well-informed substance and brilliant phrasing. I got so occupied with this material that I was unable to hold back to peruse. I'm dazzled with your work and expertise. Glad to learn about AEM, thanks for sharing. Top Development Agencies in India

    ReplyDelete

Subscribe to: Posts ( Atom )
Privacy Policy Contact Us