Preventing URL Redirection

You can restrict the system from accessing any URL that is not in a specified list of domains. When input filtering is enabled in the web.xml file, only the domains defined in the emxSystem.properties file can be accessed from the system.

The properties from emxSystem.properties defined in this task are only used if input filtering is enabled in the web.xml file (step 1).

Note: If you add other filters to the web.xml file, insert them AFTER the security filters so that they cannot override the security filters.

  1. To enable input filtering, follow these steps:
    1. Open the web.xml file used by the Tomcat server for editing.
    2. Add these lines:

      Note: You might already have enabled the input filter if you performed the Configuring Input Filtering task.

      <!-- XSS Input Filter filter -->
      <filter>
        <filter-name>XSSInputFilter</filter-name>
        <filter-class>com.matrixone.apps.domain.util.XSSInputFilter</filter-class>
      </filter>

    3. Add these lines:

      <!-- XSS Input Filter mapping -->
      <filter-mapping>
        <filter-name>XSSInputFilter</filter-name>
        <url-pattern>/*</url-pattern>
      </filter-mapping>

    4. Save the web.xml file.
  2. Create or open the text file to contain customized properties for emxSystem.properties. For more information, see Editing Properties Using MQL.
  3. To enable the ability to restrict URL redirections to specific domains, follow these steps:
    1. Add or edit this line in the file used to import properties into the emxSystem.properties page object:

      emxFramework.Security.ReferentialURL.ReferentialURLEnable = false

    2. Set the value for this property to true.
  4. To define the domains that can be used for redirecting URLs, follow these steps:
    1. Add or edit this line in the file used to import properties into the emxSystem.properties page object:

      emxFramework.Security.ReferentialURL.WhiteListOfDomains=

    2. Set the value for this property to a pipe-separated list of domain names.
  5. When finished updating the text file with all properties you want to modify, including the ones shown here, use the text file to modify the emxSystem.properties page object. For more information, see Editing Properties Using MQL.
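
A pre-deployment check for the settings in this task, added here as an example and not part of the product: it confirms that web.xml declares XSSInputFilter, maps it to /*, and maps no other filter ahead of it, and that the property file enables the restriction with a non-empty pipe-separated domain list. It assumes XSSInputFilter is the only security filter and that the property file uses plain key=value lines; AuditFilter and both sample inputs are constructed for illustration.

```python
import xml.etree.ElementTree as ET

PREFIX = "emxFramework.Security.ReferentialURL."
XSS_CLASS = "com.matrixone.apps.domain.util.XSSInputFilter"

def _children(root, tag):
    """Yield {child-tag: text} for each top-level <tag>, ignoring XML namespaces."""
    for el in root:
        if el.tag.rsplit("}", 1)[-1] == tag:
            yield {c.tag.rsplit("}", 1)[-1]: (c.text or "").strip() for c in el}

def audit_web_xml(xml_text):
    root, issues = ET.fromstring(xml_text), []
    declared = {f.get("filter-name"): f.get("filter-class") for f in _children(root, "filter")}
    if declared.get("XSSInputFilter") != XSS_CLASS:
        issues.append("XSSInputFilter not declared with the expected class")
    # <filter-mapping> order in web.xml is the order in which the container chains filters.
    order = [(m.get("filter-name"), m.get("url-pattern")) for m in _children(root, "filter-mapping")]
    if ("XSSInputFilter", "/*") not in order:
        issues.append("XSSInputFilter not mapped to /*")
    elif order[0][0] != "XSSInputFilter":
        issues.append(f"filter mapped before XSSInputFilter: {order[0][0]}")
    return issues

def audit_properties(text):
    props, issues = {}, []
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and not key.startswith(("#", "!")):
            props[key.strip()] = value.strip()
    if props.get(PREFIX + "ReferentialURLEnable") != "true":
        issues.append("ReferentialURLEnable is not true")
    domains = props.get(PREFIX + "WhiteListOfDomains", "").split("|")
    if not all(d.strip() for d in domains):
        issues.append("WhiteListOfDomains is empty or has an empty entry")
    return issues

# Constructed sample: the two properties as shown above, before steps 3.2 and 4.2 are done.
SAMPLE_PROPS = PREFIX + "ReferentialURLEnable = false\n" + PREFIX + "WhiteListOfDomains=\n"
# Constructed sample: a hypothetical AuditFilter is mapped ahead of the input filter.
SAMPLE_WEB_XML = """<web-app>
  <filter><filter-name>AuditFilter</filter-name><filter-class>example.AuditFilter</filter-class></filter>
  <filter><filter-name>XSSInputFilter</filter-name><filter-class>com.matrixone.apps.domain.util.XSSInputFilter</filter-class></filter>
  <filter-mapping><filter-name>AuditFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping>
  <filter-mapping><filter-name>XSSInputFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping>
</web-app>"""

if __name__ == "__main__":
    for issue in audit_web_xml(SAMPLE_WEB_XML) + audit_properties(SAMPLE_PROPS):
        print("FAIL:", issue)
```

Both functions return an empty list when the configuration matches the steps above, so the check can gate a deployment script.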