Uploaded image for project: 'Confluence Cloud'
  1. Confluence Cloud
  2. CONFCLOUD-39636

Redirect requests that have a different HOST header than what is configured to the correct (configured) server url.

    XMLWordPrintable

Details

    • 1

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion.

      There is an issue in server instances of Confluence caused by arbitrary HOST header of redirection. There have been a number of security issues in non-atlassian software caused by using the HOST header of an incoming request. Therefore, this suggestion issue to request that when Confluence sees a request with a HOST header that does not match the instance's server url to redirect the request to the server url.

      Attachments

        Issue Links

          is related to

          Suggestion - CONFSERVER-39636 Redirect requests that have a different HOST header than what is configured to the correct (configured) server url.

          • Closed
          relates to

          Suggestion - JRACLOUD-44574 Redirect requests that have a different HOST header than what JIRA is configured to serve for to the correct (configured) JIRA server url.

          • Closed

          Activity

            People

              Unassigned Unassigned
              f7daba91b15c Koen Gillard
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated: