Setting Up Sitecore Reflection authorization for the connector methods
4 minute read
As from June 20, 2023. According to the security meassures applied by Sitecore, and described in the Security Bulletin SC2023-003-587441. Sitecore configuration requires adding an explicit list of the connector methods that are allowed to be invoked using reflection.
To prepare Sitecore to allow the connector methods being invoked using reflection:
- Open
Sitecore.Reflection.Filtering.config
for editing.
- In Sitecore 8.x, this file is in the following location: \Website\App_Config\Include.
- In Sitecore 9.x and above, this file is in the following location: \App_Config\Sitecore\CMS.Core.
- Add the explicit inclusion of the connector methods as following:
<configuration xmlns:role="http://www.sitecore.net/xmlconfig/role/" xmlns:security="http://www.sitecore.net/xmlconfig/security/" xmlns:patch="http://www.sitecore.net/xmlconfig/">
<sitecore>
<reflection>
<allowedMethods>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="Add_Branch_Click" assemblyName="ClayTablet.SC" hint="CT3Add_Branch_Click"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="Add_Item_Support_Click" assemblyName="ClayTablet.SC" hint="CT3Add_Item_Support_Click"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="Add_Rootonly_Click" assemblyName="ClayTablet.SC" hint="CT3Add_Rootonly_Click"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="OnFieldClicked" assemblyName="ClayTablet.SC" hint="CT3OnFieldClicked"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="OnSourceChanged" assemblyName="ClayTablet.SC" hint="CT3OnSourceChanged"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="Add_Branch_Support_Click" assemblyName="ClayTablet.SC" hint="CT3Add_Branch_Support_Click"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="Remove_Branch_Click" assemblyName="ClayTablet.SC" hint="CT3Remove_Branch_Click"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="CreationDateFilter_ClearFilter" assemblyName="ClayTablet.SC" hint="CT3CreationDateFilter_ClearFilter"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="ModificationDateFilter_ClearFilter" assemblyName="ClayTablet.SC" hint="CT3ModificationDateFilter_ClearFilter"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="PublishFilter_ClearFilter" assemblyName="ClayTablet.SC" hint="CT3PublishFilter_ClearFilter"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="OnSelectAllToggle" assemblyName="ClayTablet.SC" hint="CT3OnSelectAllToggled"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="OnUnSelectBranchFromTree" assemblyName="ClayTablet.SC" hint="CT3OnUnSelectBranchFromTree"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="OnRemoveItems" assemblyName="ClayTablet.SC" hint="OnRemoveItems"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="OnChangeSendTo" assemblyName="ClayTablet.SC" hint="CT3OnChangeSendTo"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="OnSelectBranchFromTree" assemblyName="ClayTablet.SC" hint="CT3OnSelectBranchFromTree"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="RefreshSendStatus" assemblyName="ClayTablet.SC" hint="CT3RefreshSendStatus"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="OnItemUpdate" assemblyName="ClayTablet.SC" hint="CT3OnItemUpdate"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="OnChangeProvider" assemblyName="ClayTablet.SC" hint="CT3OnChangeProvider"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="chooseSelectItemByJob" assemblyName="ClayTablet.SC" hint="CT3chooseSelectItemByJob"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="sortJobsByDate" assemblyName="ClayTablet.SC" hint="CT3sortJobsByDate"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="AddItem" assemblyName="ClayTablet.SC" hint="CT3AddItem"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="AddItems" assemblyName="ClayTablet.SC" hint="CT3AddItems"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="UpdateCheckedCount" assemblyName="ClayTablet.SC" hint="CT3UpdateCheckedCount"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="AddVersionItemsToList" assemblyName="ClayTablet.SC" hint="CT3AddVersionItemsToList"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="selectAllTargets" assemblyName="ClayTablet.SC" hint="CT3selectAllTargets"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="deselectAllTargets" assemblyName="ClayTablet.SC" hint="CT3deselectAllTargets"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="ToggleSelectBranch" assemblyName="ClayTablet.SC" hint="CT3ToggleSelectBranch"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="OnSelectNone" assemblyName="ClayTablet.SC" hint="CTOnSelectNone"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="Cancel" assemblyName="ClayTablet.SC" hint="CT3Cancel"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="EndWizard" assemblyName="ClayTablet.SC" hint="CT3EndWizard"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="OnCancel" assemblyName="ClayTablet.SC" hint="CT3OnCancel"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="GetSelectedItems" assemblyName="ClayTablet.SC" hint="CT3GetSelectedItems"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="AddSubItems" assemblyName="ClayTablet.SC" hint="CT3AddSubItems"/>
<descriptor type="ClayTablet.SC.CT3_BulkTranslation" methodName="sortJobsByName" assemblyName="ClayTablet.SC" hint="CT3sortJobsByName"/>
<descriptor type="ClayTablet.SC.CT3_AddFilter" methodName="OnFieldClicked" assemblyName="ClayTablet.SC" hint="CT3AFOnFieldClicked"/>
<descriptor type="ClayTablet.SC.CT3_AddFilter" methodName="OnOptionFieldClicked" assemblyName="ClayTablet.SC" hint="CT3AFOnOptionFieldClicked"/>
<descriptor type="ClayTablet.SC.CT3_AddFilter" methodName="OnCancel" assemblyName="ClayTablet.SC" hint="CT3AFOnCancel"/>
<descriptor type="ClayTablet.SC.CT3_Translation" methodName="OnChangeSendTo" assemblyName="ClayTablet.SC" hint="CT3Translation_OnChangeSendTo"/>
<descriptor type="ClayTablet.SC.CT3_Translation" methodName="OnChangeLng" assemblyName="ClayTablet.SC" hint="CT3Translation_OnChangeLng"/>
<descriptor type="ClayTablet.SC.CT3_Translation" methodName="OnChangeProvider" assemblyName="ClayTablet.SC" hint="CT3Translation_OnChangeProvider"/>
<descriptor type="ClayTablet.SC.CT3_Translation" methodName="OnLoad" assemblyName="ClayTablet.SC" hint="CT3Translation_OnLoad"/>
<descriptor type="ClayTablet.SC.CT3_Translation" methodName="GetSelectedItem" assemblyName="ClayTablet.SC" hint="CT3Translation_GetSelectedItem"/>
<descriptor type="ClayTablet.SC.CT3_Translation" methodName="OnPreRender" assemblyName="ClayTablet.SC" hint="CT3Translation_OnPreRender"/>
<descriptor type="ClayTablet.SC.CT3_Translation" methodName="InsertFormat" assemblyName="ClayTablet.SC" hint="CT3Translation_InsertFormat"/>
<descriptor type="ClayTablet.SC.CT3_Translation" methodName="RefreshLanguagesForProfile" assemblyName="ClayTablet.SC" hint="CT3Translation_RefreshLanguagesForProfile"/>
<descriptor type="ClayTablet.SC.CT3_Translation" methodName="OnCancel" assemblyName="ClayTablet.SC" hint="CT3Translation_OnCancel"/>
<descriptor type="ClayTablet.SC.CT3_Translation" methodName="OnAccountChanged" assemblyName="ClayTablet.SC" hint="CT3Translation_OnAccountChanged"/>
<descriptor type="ClayTablet.SC.CT3_Translation" methodName="ShowMessageBar" assemblyName="ClayTablet.SC" hint="CT3Translation_ShowMessageBar"/>
<descriptor type="ClayTablet.SC.CT3_Translation" methodName="OnOK" assemblyName="ClayTablet.SC" hint="CT3Translation_OnOK"/>
<descriptor type="Sc.ClayTablet.WorkboxEx.ExWorkboxForm" methodName="LanguageChange" assemblyName="Sc.ClayTablet.WorkboxEx" hint="CT3LanguageChange"/>
<descriptor type="Sc.ClayTablet.WorkboxEx.ExWorkboxForm" methodName="SortChange" assemblyName="Sc.ClayTablet.WorkboxEx" hint="CT3SortChange"/>
<descriptor type="Sc.ClayTablet.WorkboxEx.ExWorkboxForm" methodName="OrderChange" assemblyName="Sc.ClayTablet.WorkboxEx" hint="CT3OrderChange"/>
<descriptor type="ClayTablet.SC.CT3_BatchTmUpdate" methodName="RefreshPrepStatus" assemblyName="ClayTablet.SC" hint="CT3RefreshPrepStatus"/>
<descriptor type="ClayTablet.SC.CT3_BatchTmUpdate" methodName="OnCancel" assemblyName="ClayTablet.SC" hint="CT3BTUOnCancel"/>
<descriptor type="ClayTablet.SC.CT3_BatchTmUpdate" methodName="RefreshSendStatus" assemblyName="ClayTablet.SC" hint="CT3BTURefreshSendStatus"/>
<descriptor type="ClayTablet.SC.CT3_BatchTmUpdate" methodName="ActivePageChanged" assemblyName="ClayTablet.SC" hint="CT3BTUActivePageChanged"/>
<descriptor type="ClayTablet.SC.CT3_BatchTmUpdate" methodName="ActivePageChanging" assemblyName="ClayTablet.SC" hint="CT3BTUActivePageChanging"/>
<descriptor type="ClayTablet.SC.CT3_BatchTmUpdate" methodName="Cancel" assemblyName="ClayTablet.SC" hint="CT3BTUCancel"/>
<descriptor type="ClayTablet.SC.CT3_BatchTmUpdate" methodName="EndWizard" assemblyName="ClayTablet.SC" hint="CT3BTUEndWizard"/>
<descriptor type="ClayTablet.SC.CT3_BatchTmUpdate" methodName="OnLoad" assemblyName="ClayTablet.SC" hint="CT3BTUOnLoad"/>
<descriptor type="ClayTablet.SC.CT3_SendItems" methodName="OnAccountChanged" assemblyName="ClayTablet.SC" hint="CT3OnAccountChanged"/>
<descriptor type="ClayTablet.SC.CT3_SendItems" methodName="OnAddItems" assemblyName="ClayTablet.SC" hint="CT3OnAddItems"/>
<descriptor type="ClayTablet.SC.CT3_SendItems" methodName="OnCancel" assemblyName="ClayTablet.SC" hint="CT3OnCancel"/>
<descriptor type="ClayTablet.SC.CT3_SendItems" methodName="OnChangeProvider" assemblyName="ClayTablet.SC" hint="CT3OnChangeProvider_SendItem"/>
<descriptor type="ClayTablet.SC.CT3_SendItems" methodName="OnChangeSendTo" assemblyName="ClayTablet.SC" hint="CT3OnChangeSendTo_SendItem"/>
<descriptor type="ClayTablet.SC.CT3_SendItems" methodName="OnOK" assemblyName="ClayTablet.SC" hint="CT3OnOK"/>
<descriptor type="ClayTablet.SC.CT3_SendItems" methodName="OnPreRender" assemblyName="ClayTablet.SC" hint="CT3OnPreRender_SendItem"/>
<descriptor type="ClayTablet.SC.CT3_SendItems" methodName="OnProfileSwitchItems" assemblyName="ClayTablet.SC" hint="CT3OnProfileSwitchItems"/>
<descriptor type="ClayTablet.SC.CT3_SendItems" methodName="OnRemoveItems" assemblyName="ClayTablet.SC" hint="CT3OnRemoveItems_SendItem"/>
<descriptor type="ClayTablet.SC.CT3_SendItems" methodName="OnLoad" assemblyName="ClayTablet.SC" hint="CT3OnLoad_SendItems"/>
<descriptor type="ClayTablet.SC.CT3_SendItems" methodName="ItemsInTranslationShowDetails" assemblyName="ClayTablet.SC" hint="CT3ItemsInTranslationShowDetails"/>
<descriptor type="ClayTablet.SC.ItemTnsStatusForm" methodName="OnPreRender" assemblyName="ClayTablet.SC" hint="CT3ITSFOnPreRender"/>
<descriptor type="ClayTablet.SC.ItemTnsStatusForm" methodName="OnClickReload" assemblyName="ClayTablet.SC" hint="CT3ITSFOnClickReload"/>
<descriptor type="ClayTablet.SC.ItemTnsStatusForm" methodName="doListStatus" assemblyName="ClayTablet.SC" hint="CT3ITSFdoListStatus"/>
<descriptor type="ClayTablet.SC.ItemTnsStatusForm" methodName="OnApproveQueueItem" assemblyName="ClayTablet.SC" hint="CT3ITSFOnApproveQueueItem"/>
<descriptor type="ClayTablet.SC.ItemTnsStatusForm" methodName="OnCancelTranslation" assemblyName="ClayTablet.SC" hint="CT3ITSFOnCancelTranslation"/>
<descriptor type="ClayTablet.SC.ItemTnsStatusForm" methodName="OnDeleteQueueItem" assemblyName="ClayTablet.SC" hint="CT3ITSFOnDeleteQueueItem"/>
<descriptor type="ClayTablet.SC.ItemTnsStatusForm" methodName="OnTnsCorrection" assemblyName="ClayTablet.SC" hint="CT3ITSFOnTnsCorrection"/>
<descriptor type="ClayTablet.SC.ItemTnsStatusForm" methodName="OnUpdateTM" assemblyName="ClayTablet.SC" hint="CT3ITSFOnUpdateTM"/>
<descriptor type="ClayTablet.SC.ItemTnsStatusForm" methodName="HandleMessage" assemblyName="ClayTablet.SC" hint="CT3ITSFHandleMessage"/>
<descriptor type="ClayTablet.SC.ItemTnsStatusForm" methodName="Load" assemblyName="ClayTablet.SC" hint="CT3ITSFLoad"/>
<descriptor type="ClayTablet.SC.ItemTnsStatusForm" methodName="OnLoad" assemblyName="ClayTablet.SC" hint="CT3ITSFOnLoad"/>
<descriptor type="ClayTablet.SC.ItemTnsStatusForm" methodName="GetContextMenu" assemblyName="ClayTablet.SC" hint="CT3ITSFGetContextMenu"/>
<descriptor type="ClayTablet.SC.CT3_BranchSelection" methodName="OnLoad" assemblyName="ClayTablet.SC" hint="CT3BSOnLoad"/>
<descriptor type="ClayTablet.SC.CT3_BranchSelection" methodName="OnOK" assemblyName="ClayTablet.SC" hint="OnOK"/>
<descriptor type="ClayTablet.SC.CT3_ClearBackup" methodName="OnLoad" assemblyName="ClayTablet.SC" hint="CT3CBOnLoad"/>
<descriptor type="ClayTablet.SC.CT3_ClearBackup" methodName="ActivePageChanging" assemblyName="ClayTablet.SC" hint="CT3CBActivePageChanging"/>
<descriptor type="ClayTablet.SC.CT3_ClearBackup" methodName="ActivePageChanged" assemblyName="ClayTablet.SC" hint="CT3CBActivePageChanged"/>
<descriptor type="ClayTablet.SC.CT3_ClearBackup" methodName="EndWizard" assemblyName="ClayTablet.SC" hint="CT3CEndWizard"/>
<descriptor type="ClayTablet.SC.CT3_ClearBackup" methodName="Cancel" assemblyName="ClayTablet.SC" hint="CT3CBCancel"/>
<descriptor type="ClayTablet.SC.CT3_ClearBackup" methodName="OnCancel" assemblyName="ClayTablet.SC" hint="CT3CBOnCancel"/>
<descriptor type="ClayTablet.SC.CT3_ClearBackup" methodName="DoClear" assemblyName="ClayTablet.SC" hint="CT3CBDoClear"/>
<descriptor type="ClayTablet.SC.CT3_ClearBackup" methodName="CleanDataPipeline" assemblyName="ClayTablet.SC" hint="CT3CBCleanDataPipeline"/>
<descriptor type="ClayTablet.SC.CT3_DisplayNameTranslation" methodName="OnLoad" assemblyName="ClayTablet.SC" hint="CT3DNTOnLoad"/>
<descriptor type="ClayTablet.SC.CT3_DisplayNameTranslation" methodName="ActivePageChanged" assemblyName="ClayTablet.SC" hint="CT3DNTActivePageChanged"/>
<descriptor type="ClayTablet.SC.CT3_DisplayNameTranslation" methodName="ActivePageChanging" assemblyName="ClayTablet.SC" hint="CT3DNTActivePageChanging"/>
<descriptor type="ClayTablet.SC.CT3_DisplayNameTranslation" methodName="EndWizard" assemblyName="ClayTablet.SC" hint="CT3DNTEndWizard"/>
<descriptor type="ClayTablet.SC.CT3_DisplayNameTranslation" methodName="Cancel" assemblyName="ClayTablet.SC" hint="CT3DNTCancel"/>
<descriptor type="ClayTablet.SC.CT3_DisplayNameTranslation" methodName="OnCancel" assemblyName="ClayTablet.SC" hint="CT3DNTOnCancel"/>
<descriptor type="ClayTablet.SC.CT3_ItemDetailsDialog" methodName="OnLoad" assemblyName="ClayTablet.SC" hint="CT3IDDOnLoad"/>
<descriptor type="ClayTablet.SC.CT3_SendingJobStatus" methodName="OnLoad" assemblyName="ClayTablet.SC" hint="CT3SJTOnLoad"/>
<descriptor type="ClayTablet.SC.CT3_TnsCorrection" methodName="OnLoad" assemblyName="ClayTablet.SC" hint="CT3TCOnLoad"/>
<descriptor type="ClayTablet.SC.CT3_TnsCorrection" methodName="ActivePageChanging" assemblyName="ClayTablet.SC" hint="CT3TCActivePageChanging"/>
<descriptor type="ClayTablet.SC.CT3_TnsCorrection" methodName="ActivePageChanged" assemblyName="ClayTablet.SC" hint="CT3TCActivePageChanged"/>
<descriptor type="ClayTablet.SC.CT3_TnsCorrection" methodName="EndWizard" assemblyName="ClayTablet.SC" hint="CT3TCEndWizard"/>
<descriptor type="ClayTablet.SC.CT3_TnsCorrection" methodName="Cancel" assemblyName="ClayTablet.SC" hint="CT3TCCancel"/>
<descriptor type="ClayTablet.SC.CT3_TnsCorrection" methodName="OnCancel" assemblyName="ClayTablet.SC" hint="CT3TCOnCancel"/>
<descriptor type="ClayTablet.SC.CT3_UpdateTM" methodName="OnLoad" assemblyName="ClayTablet.SC" hint="CT3UT_OnLoad"/>
<descriptor type="ClayTablet.SC.CT3_UpdateTM" methodName="ActivePageChanging" assemblyName="ClayTablet.SC" hint="CT3UT_ActivePageChanging"/>
<descriptor type="ClayTablet.SC.CT3_UpdateTM" methodName="ActivePageChanged" assemblyName="ClayTablet.SC" hint="CT3UT_ActivePageChanged"/>
<descriptor type="ClayTablet.SC.CT3_UpdateTM" methodName="EndWizard" assemblyName="ClayTablet.SC" hint="CT3UT_EndWizard"/>
<descriptor type="ClayTablet.SC.CT3_UpdateTM" methodName="Cancel" assemblyName="ClayTablet.SC" hint="CT3UT_Cancel"/>
<descriptor type="ClayTablet.SC.CT3_UpdateTM" methodName="OnCancel" assemblyName="ClayTablet.SC" hint="CT3UT_OnCancel"/>
<descriptor type="ClayTablet.SC.CT3_UpgradeDialog" methodName="OnLoad" assemblyName="ClayTablet.SC" hint="CT3UD_OnLoad"/>
<descriptor type="ClayTablet.SC.CT3_UpgradeDialog" methodName="ActivePageChanging" assemblyName="ClayTablet.SC" hint="CT3UD_ActivePageChanging"/>
<descriptor type="ClayTablet.SC.CT3_UpgradeDialog" methodName="ActivePageChanged" assemblyName="ClayTablet.SC" hint="CT3UD_ActivePageChanged"/>
<descriptor type="ClayTablet.SC.CT3_UpgradeDialog" methodName="EndWizard" assemblyName="ClayTablet.SC" hint="CT3UD_EndWizard"/>
<descriptor type="ClayTablet.SC.CT3_UpgradeDialog" methodName="Cancel" assemblyName="ClayTablet.SC" hint="CT3UD_Cancel"/>
<descriptor type="ClayTablet.SC.CT3_UpgradeDialog" methodName="OnCancel" assemblyName="ClayTablet.SC" hint="CT3UD_OnCancel"/>
<descriptor type="ClayTablet.SC.CT3_UpgradeDialog" methodName="UpgradePipeLine" assemblyName="ClayTablet.SC" hint="CT3UD_UpgradePipeLine"/>
</allowedMethods>
</reflection>
</sitecore>
</configuration>
- Save your changes.