Custom plugin using URLStreamHandlerWithContext blocking connection as untrusted
Having trouble deploying Oxygen XML Web Author? Got a bug to report? Post it all here.
Custom plugin using URLStreamHandlerWithContext blocking connection as untrusted
Hello,
We have been using a custom plugin for Oxygen XML Editor to load our XML data that extends URLStreamHandlerWithContext, and recently (seems to be after upgrading to v 26.0) the connection from this plugin has been blocked as untrusted. This is the error message we receive (url redacted):
As a workaround, we have been adding our host to the allowed hosts list on the Administration page. However, this is not a great long term solution as we have to adjust this config after each deploy (and we're running Oxygen in an AWS ECS task, which AWS may destroy/create automatically at any time).
From the documentation, I can see that:
Thanks,
Trent Olson
We have been using a custom plugin for Oxygen XML Editor to load our XML data that extends URLStreamHandlerWithContext, and recently (seems to be after upgrading to v 26.0) the connection from this plugin has been blocked as untrusted. This is the error message we receive (url redacted):
Strangely, we only see this issue in our production environment. All of our pre-production environments don't have this issue.Connection to https://xxxxx.xxxxx.xxxxx.com/vx/xxxxx/ ... c5551/xxxx was blocked because it is not configured as a trusted host.
As a workaround, we have been adding our host to the allowed hosts list on the Administration page. However, this is not a great long term solution as we have to adjust this config after each deploy (and we're running Oxygen in an AWS ECS task, which AWS may destroy/create automatically at any time).
From the documentation, I can see that:
However, I can't find anywhere in the documentation that says where or how a plugin would specify this. Is the fact that the plugin uses a specific URL for a connection supposed to implicitly trust that host? Or, in addition to our custom URLStreamHandlerWithContext plugin, should we be creating a custom TrustedHostsProviderExtension with the same hosts listed that our other plugin uses?Plugins can specify whether a connection is allowed or denied, regardless of whether or not they are listed in the Security tab of the Administration Page.
Thanks,
Trent Olson
Re: Custom plugin using URLStreamHandlerWithContext blocking connection as untrusted
Hello,
Thank you for contacting us.
You can view the post here [1], where my colleague, Radu, managed to respond:
Best,
Cosmin
Thank you for contacting us.
You can view the post here [1], where my colleague, Radu, managed to respond:
[1] viewtopic.php?p=74182#p74182The TrustedHostsProviderExtension is overall a good solution in order to take control in your Oxygen plugin over which hosts are trusted and which are not.
Best,
Cosmin
Cosmin Eftenie
www.oxygenxml.com
www.oxygenxml.com
Jump to
- Oxygen XML Editor/Author/Developer
- ↳ Feature Request
- ↳ Common Problems
- ↳ DITA (Editing and Publishing DITA Content)
- ↳ SDK-API, Frameworks - Document Types
- ↳ DocBook
- ↳ TEI
- ↳ XHTML
- ↳ Other Issues
- Oxygen XML Web Author
- ↳ Feature Request
- ↳ Common Problems
- Oxygen Content Fusion
- ↳ Feature Request
- ↳ Common Problems
- Oxygen JSON Editor
- ↳ Feature Request
- ↳ Common Problems
- Oxygen PDF Chemistry
- ↳ Feature Request
- ↳ Common Problems
- Oxygen Feedback
- ↳ Feature Request
- ↳ Common Problems
- Oxygen XML WebHelp
- ↳ Feature Request
- ↳ Common Problems
- XML
- ↳ General XML Questions
- ↳ XSLT and FOP
- ↳ XML Schemas
- ↳ XQuery
- NVDL
- ↳ General NVDL Issues
- ↳ oNVDL Related Issues
- XML Services Market
- ↳ Offer a Service