Introduction / FirstSpirit Server configuration / Configuration files (FirstSpirit Server) / FirstSpirit Server (fs-server.conf) / JumpToServlet and Webedit ForwardAction
Area: JumpToServlet and ContentCreator ForwardAction
Table of contents |
Redirections in the client-server communication are restricted by the FirstSpirit server for security reasons.
Using the optional parameter allowedRedirectHosts URLs can be defined to which a redirect is to be allowed.
allowedRedirectHosts
At some points in FirstSpirit, redirect URLs are generated (e.g. links from remote projects in the preview or for the ContentCreator preview) that can potentially also refer to external URLs; for example:
http://localhost:5100/jump?url=http://www.example.de
or
http://localhost:5100/fs5webedit/Dispatcher?project=1183078&language=
DE&weAction=Forward&forward=http://www.example.de
URLs can be defined using the optional parameter allowedRedirectHosts to which a redirect is to be allowed. The following modes are possible:
allowedRedirectHosts=ALLOW_ALL
Redirects to all URLs are allowed without limitations.
allowedRedirectHosts=fs.mywebsite.de,example.de,intranet.mywebsite.de
This allows for the creation of a white list of allowed targets. The allowed URLs are specified as comma-separated:
allowedRedirectHosts=FS_SERVER
A white list of allowed URLs is created from the following sources:
- fs-server.conf, parameters
- in the server properties configured web server (see Web server). This is the default setting.
If an attempt is made to call an URL that is not allowed, the HTTP status code 403 (with the error cause “Forbidden request host:”) is output.
Using wildcards to configure redirect URLs
Wild-card characters can be used for configuration purposes. These wild-cards can be used for the top subdomain as well as within a subdomain.
Examples for possible wild-cards:
*.example.com
first*.example.com
*spirit.example.com
f*spirit.example.com
firstspirit.*xample.com
Not allowed are:
- Wild-cards in IP addresses
- multiple wild-cards inside a single definition
- replacing a whole domain with a wildcard
Examples for prohibited definitions:
*.168.1.1
f*spir*.example.com
firstspirit.*.com
*.com
*