<cfajaxproxy> with a Locked-Down Administrator

Hi Folks,

I’ve got an ACF => Lucee migration where I’m running into the following
problem.

The app, unfortunately, makes use of . I can’t strip that out
right now, and I’ve got to make it work as-is.

On dev, it works, and calls:

https://dev.site.com/mapping-tag/lucee/core/ajax/JSLoader.cfc?method=get&lib=LuceeAjax

However, on stage, I’ve got the admin locked down with:

<Location ~ “/(lucee|railo-context)”>
Order deny,allow
Deny from 10.17

I’ve seen posts about this, but haven’t seen solid fixes recommended.

What’s the “right” way to fix this? Apache directory alias? If so, what’s
the alias–specifically to allow (and preferably, only
) to work. Is there any other functionality that might be
broken on stage that I don’t know about yet? (I don’t have any other of
those goofy tags in play, so I don’t care about , or whatever.)

Thanks,
Jamie

P.S. This is a Mura app, but I don’t think that’s relevant, because it
works on dev, where the admin isn’t blocked.

I forgot to mention the actual symptom:

On stage, this throws a 404:

https://stage.site.com/mapping-tag/lucee/core/ajax/JSLoader.cfc?method=get&lib=LuceeAjaxOn Thursday, March 26, 2015 at 4:09:38 PM UTC-4, Jamie Jackson wrote:

Hi Folks,

I’ve got an ACF => Lucee migration where I’m running into the following
problem.

The app, unfortunately, makes use of . I can’t strip that out
right now, and I’ve got to make it work as-is.

On dev, it works, and calls:

https://dev.site.com/mapping-tag/lucee/core/ajax/JSLoader.cfc?method=get&lib=LuceeAjax

However, on stage, I’ve got the admin locked down with:

<Location ~ “/(lucee|railo-context)”>
Order deny,allow
Deny from 10.17

I’ve seen posts about this, but haven’t seen solid fixes recommended.

What’s the “right” way to fix this? Apache directory alias? If so, what’s
the alias–specifically to allow (and preferably, only
) to work. Is there any other functionality that might be
broken on stage that I don’t know about yet? (I don’t have any other of
those goofy tags in play, so I don’t care about , or whatever.)

Thanks,
Jamie

P.S. This is a Mura app, but I don’t think that’s relevant, because it
works on dev, where the admin isn’t blocked.