Closed surli closed 3 years ago
@surli : can you give a code example in groovy (where Context is available) and java (where XWikiContext is)?
So for groovy you can probably directly use the execution component, so you can take inspiration on @tmortagne code for OIDC I think: https://github.com/xwiki-contrib/oidc/commit/c8681d75804956087841f7075b7d4b1e986fdde6
If you don't want to use components, you can always access the ExecutionContext by using something like:
context.getXWikiContext().get(XWikiContext.EXECUTIONCONTEXT_KEY)
XWiki 13.3RC1 and 12.10.7 introduced a security mechanism to avoid redirecting users to untrusted domains. Extension which uses this API can still bypass the check by setting
bypassDomainSecurityCheck
to true in the execution context before using the redirect API, to avoid problems if administrators don't properly set it up.