We allow to configure in XWiki a list of trusted domains: the JIRA instance URLs allowed in the macro should be checked against what's allowed in the trusted domain by default. Since it would be backward compatibility change, we might require to introduce a configuration setting somewhere to allow disabling that behaviour for JIRA macro for avoid problems when upgrading. |