AI OnAI Off
Hi Ted
I had a similar issue some months ago, where a script tag could not be saved in a text property. Cloudflare WAF blocked the POST request because it triggered their XSS blocking rules.
DXP Support solved it by disabling WAF for "/episerver/cms/stores/*" requests. Might be worth trying.
We experience SelectionQuery REST store requests failing in DXP.
We have a property like:
Searches work fine both locally and in DXP, with requests URLs like: /EPiServer/Shell/stores/selectionquery/Features.Video.Vimeo.VimeoVideoSelectionQuery/?name=foo*
However, the autocomplete textbox doesn't retain its value in the UI, because store requests for the current value fail with a 404: /EPiServer/Shell/stores/selectionquery/Features.Video.Vimeo.VimeoVideoSelectionQuery/https%3a%2f%2fvimeo.com%2f310066821%2fab94f36985
The value of the selected item in this case is an encoded URL. Without encoding the URL value, the request fails both locally and on DXP (which makes perfect sense).
But since it works locally with an encoded URL value, I think it should work in DXP as well. The only obvious difference is DXP being behind Cloudflare.
I really wish the value would be included in the request body rather than the URL for the store request, but for now I'm trying to figure out why this works locally but not in DXP.
Any bright ideas? :)