Support multiple base URLs / hostnames for internal and external access

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • None
    • Component/s: Security - XSS
    • None

      As a Bitbucket Data Center administrator, I need to configure multiple hostnames (e.g., one for internal network access and one for external/internet access) without triggering XSRF check failures or forced redirects to the configured base URL.

      Currently, Bitbucket only supports a single base URL. When users access the instance via an alternative hostname:

      • They are redirected to the configured base URL
      • POST requests fail with 403 "XSRF check failed" because the browser's Origin header doesn't match the configured base URL

      Use case:

      • Internal users access via internal.company.com (resolves to private IP)
      • External users access via external.company.com (resolves to public-facing IP/load balancer)
      • Both should work without XSRF failures or redirect loops

      Current workaround: Split-horizon DNS (single hostname resolving to different IPs based on network). This works but adds DNS complexity and isn't always feasible in all network environments.

      Related (closed) in the past: BSERV-8481

              Assignee:
              Unassigned
              Reporter:
              Victor Menes
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: