Vulnerability in EPiServer.Forms
I am getting following error while adding/updating content. Also, the cotent is not indexing during this (adding/updating content).
But, if I run the indexing job (EPiServer Find Content Indexing Job) the content is successfully indexing.
Here is the detailed error:
ERROR EPiServer.Find.Cms.ContentEventIndexer: An exception occurred while indexing (IContent). The remote server returned an error: (403) Forbidden.
Your key is not authorized to access (POST) '/_bulk'.
EPiServer.Find.ServiceException: The remote server returned an error: (403) Forbidden.
Your key is not authorized to access (POST) '/_bulk' ---> System.Net.WebException: The remote server returned an error: (403) Forbidden.
at EPiServer.Find.Api.Command.GetResponse[TResult](IJsonRequest request)
--- End of inner exception stack trace ---
at EPiServer.Find.Api.BulkCommand.Execute(List`1& serializationFailures)
at EPiServer.Find.Client.Index(IEnumerable objectsToIndex, Boolean deleteLanguageRoutingDuplicatesOnIndex)
at EPiServer.Find.Cms.ContentIndexer.IndexWithRetry(IContent contents, Int32 maxRetries, Boolean deleteLanguageRoutingDuplicatesOnIndex)
at EPiServer.Find.Cms.ContentIndexer.Index(IEnumerable`1 content, IndexOptions options)
at EPiServer.Find.Cms.ContentEventIndexer.Index(IEnumerable`1 contentLinks)
at EPiServer.Find.Cms.ContentEventIndexer.Sync(IEnumerable`1 contentToIndex, HashSet`1 contentToIndexSet, Func`1 index)
at EPiServer.Find.Cms.ContentEventIndexer.IndexPageQueue(IEnumerable`1 contentToIndex)
It sounds like a problem with the index actually. Can you try with another index? ( yeah I don't know why it "works" with the scheduled job.
Sorry to say that, I already tried in that way :)
I tried followings
So, is there any setting to stop indexing while content update/adding? That may be the reason.
It doesn't make any sense to me, what you want to say? Do you have reference for your suggested resolution of this issue?
I have also seen this error message, but do not remember where.Is it on the live index or on a developer/demo index?
It's on developer index. But I tried clearing/deleting indexes to avoid issue of max allowed limited.
If requests in general works well, which seems to be the case here, this is most of the time caused by a bulk request with an empy payload. In an upcoming version of the Find backend these requests will be responded with a HTTP 400 (bad request) instead of a HTTP 403 (forbidden) which is a more accurate response.
In 95% of the support cases on this topic the root cause is a serialization error during population of the request which causes the request to be empty. In Find 13.2 empty requests won't be allowed to be sent.
The concern with this kind of problem is that it's not appearing in any indexing logs or any find debug logs and therefor hard to troubleshoot.
A partner developer wrote a good blog post on the subject - how to trace the serialization exception and find the item and/or type that cause it.
Thanks for replying.
The link of blog post you shared, sounds meaningful to me. Although we don't have exact solution to the problem, but at least we have some direction on that for actual cause.
Thanks and regards,
If you want we could in application support confirm whether your bulk requests are in fact empty.