As an administrator, I want to be able to hide any version information from Bitbucket for anonymous users

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • None
    • Component/s: Administration
    • None
    • 7
    • 8

      Problem Definition

      Version informations should not be accessible to any non authenticated user.

      For some customers, this could represent a security concern.

      Suggested Solution

      Hide any version information (for example from the footer of Bitbucket) or provide an option to do so.

      Workaround

      To hide the footer, the steps are as follows:
      1. Open $BITBUCKET_INST/app/static/bitbucket/internal/webpanels/global-footer.soy in a text editor
      2. Locate the following section:

      <li>{productFullName()} <span title="{$hash}" id="product-version" data-commitid="{$hash}" data-system-build-number="{$systemBuildNumber}"> v{$buildVersion}</span></li>

      Edit it so it looks like:

      {if false}
    <li>{productFullName()} <span title="{$hash}" id="product-version" data-commitid="{$hash}" data-system-build-number="{$systemBuildNumber}"> v{$buildVersion}</span></li>
{/if}

      3. Restart Bitbucket Server

      In case of a data center setup, this needs to be performed on each node.

      Note

      Wrapping the list item in an if block that will never execute it guarantees that the item remains hidden, but will still allow the template to function correctly.

            Assignee:
            Unassigned
            Reporter:
            Caterina Curti
            Votes:
            12 Vote for this issue
            Watchers:
            12 Start watching this issue

              Created:
              Updated: