Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-8142

As a user, I want an external git submodule link to not send referer url as it may pose a information leak.

XMLWordPrintable

    • Icon: Suggestion Suggestion
    • Resolution: Unresolved
    • None
    • Security - Other
    • None
    • 5
    • We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      When an external library or repo is added, committed and pushed to a Stash/Bitbucket Server repo as a submodule, the link within the Stash/Bitbucket Server Web GUI takes the visitor to the external location. This means that the referer (referrer) url (Stash/Bitbucket Server) is sent to the external server and is logged. This is poses as a data/information leak.

              Unassigned Unassigned
              nhansberry Nate Hansberry
              Votes:
              2 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: