-
Suggestion
-
Resolution: Won't Fix
-
None
Currently when external links are entered into Confluence pages, the link points directly to the linked page. This allows the linked site to harvest internal addresses (potentially containing page titles) of a private Confluence instance by logging the browser referrer header.
Confluence should have an option to enable "safe external links". This should include two features: allow the administrator to specify a list of "safe sites" (such as all internal servers) where linking can be direct. Then, if safe linking is enabled, Confluence would link to any pages which aren't on the safe list through an redirect page which would clear the browser referrer.
From: https://confluence.atlassian.com/confkb/how-do-i-hide-referrer-info-to-linked-external-sites-779293508.html/:
Confluence users may wish to anonymise external links that exists in their Confluence pages to make sure that the external Websites owners will not be able to see that their sites are being linked in their Confluence page.
- is superseded by
-
- Closed
- relates to
-
- Closed
[CONFCLOUD-58741] Hide referrer info to linked external sites
| Link |
New:
This issue is superseded by |
| Remote Link | New: This issue links to "Page (Confluence)" [ 560078 ] |
| Remote Link | New: This issue links to "Page (Confluence)" [ 558857 ] |
| Resolution | New: Won't Fix [ 2 ] | |
| Status | Original: Gathering Interest [ 11772 ] | New: Closed [ 6 ] |
| Labels | New: timeout-suggestion-bulk-close202106 |
| Link | New: This issue relates to CONFCLOUD-67382 [ CONFCLOUD-67382 ] |
| Workflow | Original: JAC Suggestion Workflow [ 3429909 ] | New: JAC Suggestion Workflow 3 [ 3613515 ] |
| Workflow | Original: Confluence Workflow - Public Facing v3 [ 2500357 ] | New: JAC Suggestion Workflow [ 3429909 ] |
| Status | Original: Needs Verification [ 10004 ] | New: Gathering Interest [ 11772 ] |
| Description |
Original:
Currently when external links are entered into Confluence pages, the link points directly to the linked page. This allows the linked site to harvest internal addresses (potentially containing page titles) of a private Confluence instance by logging the browser referrer header.
Confluence should have an option to enable "safe external links". This should include two features: allow the administrator to specify a list of "safe sites" (such as all internal servers) where linking can be direct. Then, if safe linking is enabled, Confluence would link to any pages which aren't on the safe list through an redirect page which would clear the browser referrer. From: https://confluence.atlassian.com/confkb/how-do-i-hide-referrer-info-to-linked-external-sites-779293508.html/: Confluence users may wish to anonymize external links that exists in their Confluence pages to make sure that the external Websites owners will not be able to see that their sites are being linked in their Confluence page. |
New:
Currently when external links are entered into Confluence pages, the link points directly to the linked page. This allows the linked site to harvest internal addresses (potentially containing page titles) of a private Confluence instance by logging the browser referrer header.
Confluence should have an option to enable "safe external links". This should include two features: allow the administrator to specify a list of "safe sites" (such as all internal servers) where linking can be direct. Then, if safe linking is enabled, Confluence would link to any pages which aren't on the safe list through an redirect page which would clear the browser referrer. From: https://confluence.atlassian.com/confkb/how-do-i-hide-referrer-info-to-linked-external-sites-779293508.html/: Confluence users may wish to anonymise external links that exists in their Confluence pages to make sure that the external Websites owners will not be able to see that their sites are being linked in their Confluence page. |
| Link |
New:
This issue relates to |