XWiki 13.3RC1 and 12.10.7 introduced a security mechanism to avoid redirecting users to untrusted domains. Extension which uses this API can still bypass the check by setting bypassDomainSecurityCheck to true in the execution context before using the redirect API, to avoid problems if administrators don't properly set it up.
XWiki 13.3RC1 and 12.10.7 introduced a security mechanism to avoid redirecting users to untrusted domains. Extension which uses this API can still bypass the check by setting
bypassDomainSecurityCheck
to true in the execution context before using the redirect API, to avoid problems if administrators don't properly set it up.