This setting affects the accessing of Manuals and Files through the External Link functionality. If a website is added as a referer to this list, the External Links will only be accessible if a person attempts to access the link through that website.
For example, if the website https://www.mysite.com/ is added to the whitelist, people will be unable to use the External Link – unless it is being clicked on a page belonging to https://www.mysite.com/. If someone attempts to access the External Link in some other way (such as simply pasting it into the browser's address bar, opening the link from a bookmark, or clicking on the link from a website other than https://www.mysite.com), they will receive an error stating "Access Denied".
Technical Details
If a request is made to the platform's server for some External Link, and the File Security Whitelist is not empty, the server will check the incoming HTTP request's headers for the 'referer'. Access will be denied if:
- the referer header is missing, or
- the referer's domain does not match any of those in the whitelist.
Whether or not the referer header is set when making the request is dependent on a combination of the browser being used, and the referring website's implementation of links. For example, many versions of Internet Explorer will refuse to add the referer if the link is implemented using Javascript.
For an overview of File Security Whitelist please take a look at the following video.