A new Content Server configuration option allows you to restrict the persistent URL blobs that can be stored in the Content Server . It contains a regular expression that a newly written blob URL must match. Persistent URL blobs are not stored as binary data in the Content Server . Instead, only a URL referencing the blob data is stored and resolved on each access of the blob. Because certain URLs like file URLs could potentially be used to exfiltrate data from a server, this may pose a security risk.

Previously, all URLs were permitted for persistent URL blobs, but the new default is to allow the HTTP and HTTPS protocols, only. Set the property to the empty string to disable persistent URL blobs entirely. Set the property to .* to allow any URL.

(CMS-18598)