Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-6647

add permission type VIEW PAGE SOURCE

XMLWordPrintable

    • Icon: Suggestion Suggestion
    • Resolution: Unresolved
    • None
    • None
    • Confluence Pages with sensitive information in page source
    • 0
    • 3
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.

      Using several confluence macros (jiraissues, SQL, CHAR-Plugin etc.) needs to embedd sensitive information (UserID, Passwords, SQL-Statements, etc.). to the Confluence source pages.

      Currently, there is no way to hide this information, because view page permission == view page source permission.

      You can edit the layer templates to remove the 'page source' link, but the 'view source URL' will still work for anyone who can see the page.

      The only way to hide this sensitive information is to prevent access to the Confluence Page Source.

      This leads to the feature request to add a new permission type: "view page source" to be able to revoke access to the page sources.

      Without this feature, Confluence pages are limited to non-sensitive information if you provide access for external parties like customers etc.

            [CONFSERVER-6647] add permission type VIEW PAGE SOURCE

            No work has yet been logged on this issue.

              Unassigned Unassigned
              7c053887-380b-433f-a5ba-d4d850d12439 Deleted Account (Inactive)
              Votes:
              22 Vote for this issue
              Watchers:
              15 Start watching this issue

                Created:
                Updated: