There's a feature to adjust the URLs for servers in standalone and domain mode. Theis URL is then used to build links in the management console for deployments, JAX-RS endpoints and other features. It's useful when WildFly is running in a container or similar environments. In this case the URL from the management model is not really useful.  

Currently the URL is not validated. If the user for instance enters an URL like javascript:alert(document.domain), it's treated just like any other URL and 'opened' when the user clicks on it. 

This enhancement is about restricting the schemes of the URLs to http or https. Any other schemes will be rejected.