Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 8.2.0, 8.1.1
Affects Version/s: 8.1.0, 8.0.1, 8.0.2
Component/s: Security
Labels:

Support reference count:
2
Symptom Severity:
Severity 2 - Major
UIS:
1
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Issue Summary

This is reproducible on Data Center: Yes

Steps to Reproduce

Configure confluence on SSL
Follow KB - how-to-enable-and-configure-http-strict-transport-security-hsts-response-header-on-confluence
Attached web.xml with modifications

Expected Results

Need to see strict transport security header, when accessing the instance

Actual Results

Headers not visible

Workaround

Currently there is no known workaround for this behavior. A workaround will be added here when available

Important note for the fix

Please read the updated documentation for configuring HSTS response headers.

https://confluence.atlassian.com/confkb/how-to-enable-and-configure-http-strict-transport-security-hsts-response-header-on-confluence-1071813084.html

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

web.xml
173 kB
19/Jan/2023 1:42 PM

Issue Links

follows: VULN-1033847 Loading...

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(2 mentioned in)

Activity

People

Assignee:: Richard Lau

Reporter:: Jetendra Ivaturi

Votes:: 2 Vote for this issue

Watchers:: 8 Start watching this issue

Dates

Due:: 27/Apr/2023

Created:: 19/Jan/2023 9:37 AM

Updated:: 06/Oct/2023 1:30 PM

Resolved:: 01/Mar/2023 11:20 AM