Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-4085

Safe external links

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Won't Fix
    • None
    • None
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      Currently when external links are entered into Confluence pages, the link points directly to the linked page. This allows the linked site to harvest internal addresses (potentially containing page titles) of a private Confluence instance by logging the browser referrer header.

      Confluence should have an option to enable "safe external links". This should include two features: allow the administrator to specify a list of "safe sites" (such as all internal servers) where linking can be direct. Then, if safe linking is enabled, Confluence would link to any pages which aren't on the safe list through an redirect page which would clear the browser referrer.

      Attachments

        Issue Links

          is duplicated by

          Suggestion - CONFSERVER-11343 Feature to hide HTTP_REFERRER in header

          • Closed
          is related to

          Suggestion - CONFCLOUD-58741 Hide referrer info to linked external sites

          • Closed
          mentioned in

          Page Loading...

          Activity

            People

              christopher.owen@atlassian.com Christopher Owen [Atlassian]
              ec22805fc0e2 Sulka Haro
              Votes:
              1 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: