Currently audits follow the baseURL to its final URL even if outside of the site's (www?.) domain. This leads to situations where instead of the site an external site, e.g. an authentication provider, is audited. The URL resolver should return an error if we get outside the site's domain.
Currently audits follow the baseURL to its final URL even if outside of the site's (www?.) domain. This leads to situations where instead of the site an external site, e.g. an authentication provider, is audited. The URL resolver should return an error if we get outside the site's domain.