186 results found
-
Enhance the Deployment API to allow passing parameter to clear CDN cache after deployments
It would be helpful to Enhance the Deployment API to allow passing a parameter to clear CDN cache after deployment completes.
Reference: https://docs.developers.optimizely.com/digital-experience-platform/docs/deploy-using-powershell52 votes -
HSTS on the root domain
We are experiencing some redirection issues we have no control over as they are done in the root domain.
http://oldsite.com redirects to https://www.oldsite.com then finally to https://www.newsite.com
The redirection should be as follows:
http://oldsite.com -> https://oldsite.com -> https://www.newsite.com
Please update Optimzely’s configuration to do these redirects properly
29 votes -
Implement SRI attributes for injected JavaScript & Styles
The Optimizely PAAS CMS platform has multiple touchpoints where scripts are injected into the frontend UI. Examples include Optimizely Forms, Content Recommendations, Search & Navigation etc.
When these scripts are injected into the UI, they are not added with a Sub-resource Integrity attribute. An SRI check allows us to instruct the browser that it should not load a tampered version of a JS or CSS file and can protect users from man in the middle attacks. You can read more about SRI here: https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
This is a commonly reported issue in penetration tests and clients are becoming increasingly more security…
10 votes -
DateOnly content property type
Editors often need to specify dates without a specific time.
Today we solve this with a DateTime property and an editor descriptor to display a date picker without time in the CMS UI, meaning we'll have a date at midnight.
However, this can easily lead to gotchas when working with multiple time zones.
Support for the DateOnly type (introduced in .NET 6) would solve this.
6 votes -
Support for Trash Status Filtering via exposing _deleted property in query filters to improve duplicate result handling
We have use cases where we need to search content to determine if an item is in the Trash. Currently, we use the cg-include-deleted: true header as described in the documentation. However, we have observed that duplicate results are returned from the Graph for Content() items.
One result represents the original location (tombstone marker) with the property _deleted: null, while the most recent version in the index has _deleted: true.
Although we can filter out duplicates on the client side, this approach is not ideal.
We would like the _deleted property to be available as part of ContentWhereInput so that…4 votes -
App Insights alerts
Self-serve creation of alerts in App Insights based on specific thresholds exceeding a limit will help be proactive in responding to potential performance issues or other problems
6 votes -
Syncing folder types/names to GraphQL index
We have a need to query content under certain folder from GraphQL API. At the moment we can query the parent GUIDs from a block, but it only returns a list of GUIDs. It returns them in a certain order, so it is possible to find out from there which is which folder, but it would be easier if we could query also the name of the folder. At the moment GraphQL API does not index the folder information, so we would like the folder information also to be synced to the index.
3 votes -
Custom reports in CMS
They would like to see reports for pages where they have a lot of content to list the blocks and then pieces of information specific fields.
Custom reporting functionality needed for content inventory management
- Create reports by picking block/page template and selecting specific fields
- Current process requires developer/agency hours for custom reports
- Want ad hoc reporting: “insights report with just title, URL, publish date, authors”. or professionals reports with name, bio, etc.
- Would free up agency hours for higher-value work
4 votes -
Custom Error Pages
Add support for Azure Custom Error Pages.
Our client has a requirement to display a custom error page when the web application is restarted.
We can use the maintenancepage,htm during deployments but they require a custom page for pure restarts as well.This custom error page feature in Azure provides what they need but its not currently supported by Optimizely DXP.
5 votes -
Support for Including File Attachments in Optimizely Forms Submission Emails
By default, Optimizely Forms do not send uploaded files as attachments in submission emails. Instead, the system provides links to the files stored in the Optimizely asset library. These links are only accessible to CMS-authenticated users, which limits their usability for external recipients.
Custom Enhancement Possibility:
It is currently possible to customize the SendEmailAfterSubmissionActor to include file attachments, as demonstrated in this community blog post: https://world.optimizely.com/blogs/kennyg/dates/2025/8/sending-email-with-attachments-with-optimizely-forms-in-2025/However, as stated in this blog post, this requires duplicating built-in logic, since SendEmailAfterSubmissionActor does not expose an integration point that allows developers to hook in and add attachments to the message.
Proposed Improvement:…
4 votes -
multi select from dam
When choosing files through the DAM picker, I'd like to be able to select multiple assets at once.
3 votes -
Ability to smoke-test more than 1 site during smooth deploy (slot domains)
Ability to smoke-test more than 1 site during smooth deploy (slot domains)
As a CMS developer and QA specialist we want to be able to smoke-test multiple sites so that we can detect potential issues on all our sites during deployment with DXP Cloud Platform to our multi-site CMS platform.
When we deploy to PREP/PROD we get a temporary SLOT to run our smoke-tests against. For example:
https://projectidprep-slot.dxcloud.episerver.net/
https://projectidprod-slot.dxcloud.episerver.net/
These are the default URL provided by Optimizely and are configured on the first website. We would like to be able to smoke-test multiple sites on the SLOT instance.
We could…
2 votes -
Standard schemas for CMS (to make easy for SEO/GEO)
Schema settings not out-of-the-box
- Multiple back-and-forth with implementation agency for schema configuration
- Need base schema templates by industry/content type
- Critical for LLM optimization and structured data requirements
2 votes -
Change Log filtering
Change Log should be improved so it can have multi Changed By selection (with auto complete), and Exclude Changed By to ignore certain changes made by automated jobs (import jobs etc.)
2 votes -
Computed readonly field for a content type
A way to define a property or a method within a given content type having the following characteristics:
- It is a computed property: the value will be determined by querying other related database tables
- The property will be displayed as read-only / disabled on the Optimizely dashboard / edit content typeThe next approach does not display the property in Optimizely Admin UI
[Display( Name = "Total Price", Order = 130, GroupName = GroupNames.Plm)] public virtual decimal TotalPrice => Items?.Sum(i => i.Quantity * i.UnitPrice) ?? 0;This happened because it looks like content graph, SearchText, and GetSearchableProperties() in…
5 votes -
Use more secure ciphers by default
When performing a security check for a DXP site on internet.nl the result is that "Your web server does not prefer 'Good' over 'Sufficient' over 'Phase out' ciphers" and "Your web server supports one or more ciphers that have a phase out status, because they are known to be fragile and are at risk of becoming insufficiently secure.".
I suggest that more secure ciphers should be used on all DXP sites by default. The more secure ciphers are referred to as "Modern", "Compatible", and "Legacy" in the cloudflare documentation. https://developers.cloudflare.com/ssl/edge-certificates/additional-options/cipher-suites/recommendations/
6 votes -
Disable Allowed Content Types Description in CMS 12 Edit View
In CMS 12 Episerver Edit interface we noticed a new feature: above all ContentArea fields, a description appears listing allowed content types (Refer attachment).We’d like to have this removed. It seems to add more confusion than clarity for our editors. We already enforce allowed content types using the [AllowedTypes] attribute in code, so displaying the full list in the UI—especially including unrelated options like Episerver Forms elements—is unnecessary and distracting.
This description wasn’t present in CMS 11, and we would prefer to maintain that cleaner editor experience.3 votes -
When using Expanded in a query. Results are not updated when child content is changed.
When editors update child content, queries on the parent content that use "Expanded" do not update the results. The workaround is for the editor to go to each content item that uses the child content and click it's "Synchronize with Optimizely Graph" button. Simply waiting for a scheduled job does not work.
1 vote -
The email field in a created Form should be marked as type="email" for accessability
When an editor creates a form with an email field, the field should be marked as type="email" to support the new accessability laws.
1 vote -
Alerting for suspicious traffic spikes
Customers never get alerted to suspicious traffic spikes unless they impact site speed or uptime.
Ability to establish alerting for suspicious attacks, even if they are addressed by cloudflare before they impact site performance.6 votes
- Don't see your idea?