CMS + Search & Navigation
Describes the integration between Optimizely Search & Navigation and Optimizely Content Management System (CMS).
The integration includes specific components for convenient usage of the Optimizely Search & Navigation .NET client API with Optimizely Content Management System (CMS).
Integration packages
The integration involves the following NuGet packages:
Episerver.Find.Cms
– Integration of the Search & Navigation REST API with CMS.EPiServer.Find
– The .NET client API for the Search & Navigation REST API (installed withEPiServer.Find.Cms
).EPiServer.Find.Framework
– General integration components for the Search & Navigation REST API (installed withEPiServer.Find.Cms
).
Integration components
Some of the functionality you get with the integration:
IndexingModule
– Hooks up events to handle content indexing (IContent
objects).- Conventions applied to the
SearchClient.Instance
object exclude some properties of theIContent
object and other CMS classes. The conventions also include additional fields. This is handled by theIndexingModule
at startup using theCmsClientConventions
class. - The
ContentIndexer
class handles the indexing, re-indexing, and removing content from the index. You can customize content to be indexed by modifying its conventions. - A scheduled job, Episerver Find (Search & Navigation) Content Indexing Job, handles content re-indexing.
- The
GetContentResult
extension method – Call to execute search requests and get actualIContent
objects back. - Several additional filter methods, such as
ContentReference
, make it more convenient to filter on CMS types.
Set up for development
The CMS integration assumes each environment has its own Search & Navigation index. It also assumes that content is added and removed through the CMS API. This means that:
- Each developer should have their development index unless you use a shared database.
- Each server environment (test, staging, and so on) should have its index unless it uses a shared database.
- If content is removed or added in ways other than the CMS API (for instance, using a database restore or rollback), you should run the scheduled job for re-indexing.
If you do not follow the above guidelines, the search and querying functionality may appear to work but produce unexpected results. For instance, the GetContentResult
method returns less content than its TotalMatching
property reports, which could happen if two developers use the same index, and one publishes a page that does not exist in the other developer's database.
Content Security Policy update for Service Health dashboard
To ensure the Service Health view in the Optimizely Search & Navigation UI functions correctly, clients must update their Content Security Policy (CSP) settings. If you have implemented a CSP, then it is likely in your Startup.cs
it might look something like this:
public void Configure(IApplicationBuilder app, IWebHostEnvironment env) {
if (env.IsDevelopment()) {
app.UseDeveloperExceptionPage();
app.UseMiddleware < AdministratorRegistrationPageMiddleware > ();
}
// Add Content Security Policy (CSP)
app.Use(async (context, next) => {
context.Response.Headers.Add(
"Content-Security-Policy",
"default-src 'self'; " +
"script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.optimizely.com; " +
"img-src 'self' data: https://*.optimizely.com; " +
"style-src 'self' 'unsafe-inline' https://localhost:44333; " +
"font-src 'self' https://*.cloudfront.net https://localhost:44333; " +
"connect-src 'self' ws://localhost:* http://localhost:*;" +
"object-src 'none';"
);
await next.Invoke();
});
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints => {
endpoints.MapContent();
endpoints.MapControllerRoute("Register", "/Register", new {
controller = "Register", action = "Index"
});
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
}
To fix it and let the Service Health Dashboard function correctly, add the following directive to the CSP header configuration:
"frame-src 'self' dashboard.find.episerver.net;" +
The updated CSP configuration should look like this:
app.Use(async (context, next) => {
context.Response.Headers.Add(
"Content-Security-Policy",
"default-src 'self'; " +
"script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.optimizely.com; " +
"img-src 'self' data: https://*.optimizely.com; " +
"style-src 'self' 'unsafe-inline' https://localhost:44333; " +
"font-src 'self' https://*.cloudfront.net https://localhost:44333; " +
"connect-src 'self' ws://localhost:* http://localhost:*;" +
"frame-src 'self' dashboard.find.episerver.net;" + // Added directive
"object-src 'none';"
);
await next.Invoke();
});
Updating your CSP settings as shown lets the necessary connections for the Service Health view operate properly.
Updated 3 months ago