loading table of contents...

Operations Basics / Version 2301

Table Of Contents

4.8.4 URL Injection

Blobs can be stored as URLs that are resolved when the blob is accessed (persistent URL blobs). This feature is restricted to HTTP and HTTPS URLs by default, because other URLs like file URLs might point to sensitive data that can be exfiltrated by injecting a malicious URL into the content repository. To control the allowed URLs for URL blobs, set the Content Server property cap.server.blobUrlPattern to a regular expression that matches the allowed URLs. Note that the pattern is used to check URLs during writes and does not affect already stored blobs.

Search Results

Table Of Contents

Your Internet Explorer is no longer supported.

Please use Mozilla Firefox, Google Chrome, or Microsoft Edge.