Skip to main content

Workaround: 403 Uploading Images to Control Center

Adding a logo or other image to CC can generate a 403 from Amazon Web Services (AWS) Web Application Firewall (WAF) rule, which rejects images containing Extensible Metadata Platform (XMP) tags.

If an uploaded image contains embedded XMP tags, it will trigger the AWS WAF checks against cross-site scriptin (XSS). Confirm this by looking in the image file.

Strip image tags with steps below:

  1. Download exiftool from Installing ExifTool, and follow the instructions for your environment.

  2. Delete tags from the image by running exiftool -All= <image file name>.

  3. Try again to upload the modified file.

Your file should upload to AWS without the WAF XSS warning.