Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-59488

Ability to display the XML content of the Gadget in the browser only when the user authenticated to Jira/Confluence*

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Unresolved
    • None
    • Macros - Gadgets
    • None
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      Summary

      As of now, unauthenticated user (Confluence/Jira) able to access the XML content of the gadget by accessing the Gadget URL, for example:

      • <Confluence/Jira Base URL>/rest/gadgets/1.0/g/com.atlassian.streams.confluence:activitystream-gadget/gadgets/conf-activitystream-gadget.xml
      • <Confluence/Jira Base URL>/rest/gadgets/1.0/g/com.atlassian.jira.gadgets:filter-results-gadget/gadgets/filter-results-gadget.xml

      Suggestion

      Add a rule/permission to allow only the authenticated user to access the XML content of the gadget by accessing the Gadget URL.

      Attachments

        Activity

          People

            Unassigned Unassigned
            dazmi Dayana
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: