Add documentation about OCP\Security\ITrustedDomainHelper

Signed-off-by: Joas Schilling <coding@schilljs.com>

developer_manual/digging_deeper/index.rst

@@ -27,3 +27,4 @@ Digging deeper
    groupware/index
    web_host_metadata
    status
+   security

developer_manual/digging_deeper/security.rst

@@ -0,0 +1,28 @@
+.. _security:
+
+========
+Security
+========
+
+Trusted domain
+----------------
+
+In some cases it might be required that an app checks that a user given link is one of the current instance.
+This is possible with the ``OCP\Security\ITrustedDomainHelper``:
+
+.. code-block:: php
+
+    <?php
+
+    declare(strict_types=1);
+    use OCP\Security\ITrustedDomainHelper;
+
+    $helper = \OC::$server->get(ITrustedDomainHelper::class);
+
+    // Compare a full URL example given
+    $url = 'https://localhost/nextcloud/index.php/apps/files/';
+    $helper->isTrustedUrl($url);
+
+    // Compare a domain and port
+    $domain = 'example.tld:8443';
+    $helper->isTrustedDomain($domain);