Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-19393

Remove the download link for XML site backups

    XMLWordPrintable

Details

    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      Currently Confluence allows easy download of XML site backups. This could be considered a security risk. This issue introduces a flag in the Confluence_cfg.xml that allows system administrators to turn this feature on or off. By default it is off meaning that the link will not be displayed. The flag admin.ui.allow.manual.backup.download can be changed to true to enable the link again. A restart of Confluence is needed after this flag has changed. The severity of this issue is rated HIGH. Please refer to http://confluence.atlassian.com/x/ZILmD for other security related issues and information on how we rate issues.

      Attachments

        Activity

          People

            Unassigned Unassigned
            dkjellin Daniel
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: