Skip to main content
Kinetic Community

Redirection Whitelist

A Redirection Whitelist limits the locations a user can be redirected to outside the Kinetic Request application.  This applies to the location the user is optionally redirected to after a logout action.

Details 

A configuration item is added in v5.2 to the Kinetic Request Service Catalog Console configuration manager page.  By default, the "Web Redirection Whitelist" configuration item is not set, so external redirections are not allowed.

 

Configuration Item:  "Web Redirection Whitelist"

There may be multiple configuration items of the "Web Redirection Whitelist", each one specifies a host (ip address or domain name) that Kinetic Request is allowed to redirect to.

 

Important Note

Forms that build HTML links to external web sites or applications are not restricted to this list of hosts.  This security enhancement restricts redirections that can occur when controlling the user's destination from URL parameters.