Configure and Launch External URLs

Warehouse users often need fast access to partner or supplier portals (documentation, supplier systems, reference sites) while working in WMS. This enhancement enables administrators to configure predefined external websites and launch them directly from the WMS menu to improve efficiency and streamline day-to-day workflows.

New Module (Redwood Only)

We’ve added a new WMS module, External Site, with a new screen parameter external_url.

Configurable URL per Screen

You can configure each external site entry via the external_url screen parameter. The URLs will open in a new browser tab, independent of WMS. No authentication, tokens, or WMS context are passed to the destination site.

Access Control

You can grant access to configure external URLs using the “access external sites” permission. This permission is granted by default to ADMIN. EMPLOYEE roles must be explicitly granted this permission.

If a user does not have the permission, the external URL will not open.

Security and Privacy Behavior

Links are configured with rel="noreferrer" so the destination site does not receive referrer details (for example, the WMS domain).

Menu and Device/Client Rules

NOTE: External URL screens are Redwood-only. Attempting to add them in legacy screens results in the message: “Not supported in legacy menu.”

You can’t create menus with screen type EXTERNAL-URL. Saving this kind of menu will display the error message: “Menu with this screen type is not allowed.”

External site entries can be placed under menu entries such as UI-HTML and RF-TEXT for navigation purposes.

Traditional RF limitation:

If configured under an RF menu and launched from a traditional/regular RF device, users will see: “Screen type not supported.”

Additional Security Improvements (OJET)

To strengthen overall application security posture, OJET-based pages and components are updated to align with current security standards, including:

  • Content Security Policy (CSP) improvements
  • Input/output sanitization hardening
  • Token/data protection enhancements
  • Secure deployment configuration updates
  • Remediations addressing recent Fortify scan findings

These changes help reduce risks such as XSS, token theft, and insecure configuration.

Steps to enable and configure

  1. You can configure each external site entry via the external_url screen parameter. The URLs will open in a new browser tab, independent of WMS. No authentication, tokens, or WMS context are passed to the destination site.
  2. You can grant access to configure external URLs using the “access external sites” permission. This permission is granted by default to ADMIN. EMPLOYEE roles must be explicitly granted this permission.