A photo of Geoffrey Hayward

Serving Static Assets from Bloomreach CMS

Published June 19, 2019

An abstract illustration, featuring a stylized file icons with a mini hippo design prominently displayed.

Serving a static files with Bloomreach (formally known as Hippo CMS), such as BingVerify.xml, is not as simple as dropping it in the webapp folder. However, with a little extra configuration Bloomreach CMS will serve the file.

First add the static file in webapp. In my case example site/src/main/webapp/BingSiteAuth.xml. Then update hts:default in sitemap.ymal akin to the following.

/hst:hst/hst:configurations/hst:default/hst:sitemap:
 /BingSiteAuth.xml:
   hst:authenticated: false
   hst:containerresource: true
   jcr:primaryType: hst:sitemapitem

After rebuilding the project, the static file BingSiteAuth.xml will be served by Bloomreach CMS.

Latest Posts

Illustration representing a Hugo website migration from Cloudflare Pages to Cloudflare Workers with Decap CMS and GitHub authentication.

Moving from Cloudflare Pages to Workers

May 31, 2026

Computing

I moved my Hugo site from Cloudflare Pages to Cloudflare Workers. The migration was mostly straightforward, but a few small details were worth writing down.

Continue reading
Digital illustration of a magnifying glass highlighting a glowing green “9:00” timestamp in computer logs, representing a detective-style investigation of suspicious traffic.

Is Chromium Omaha Updater Bringing Your Site or Service Down

September 19, 2025

Computing

For the last two weeks or so, every day at 9:00 a.m. one of the major UK National Health Service ‘NHS’ websites, I work on, has been getting hit by something strange and was on the brink each time. The regularity of 9:00 a.m. was suspicious.

Continue reading
A simple graph that says configure Terraform Cloud to assume an AWS IAM role via OIDC.

Configure Terraform Cloud to Assume an AWS IAM Role via OIDC

June 11, 2025

Computing

Here is how to configure Terraform Cloud to assume an AWS IAM role via OIDC (OpenID Connect) using only environment variables—no static AWS keys are required.

Continue reading