Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 8.2.0, 8.1.1
Affects Version/s: 8.1.0, 8.0.1, 8.0.2
Component/s: Security
Labels:

Support reference count:
2
Symptom Severity:
Severity 2 - Major
UIS:
1

Issue Summary

This is reproducible on Data Center: Yes

Steps to Reproduce

Configure confluence on SSL
Follow KB - how-to-enable-and-configure-http-strict-transport-security-hsts-response-header-on-confluence
Attached web.xml with modifications

Expected Results

Need to see strict transport security header, when accessing the instance

Actual Results

Headers not visible

Workaround

Currently there is no known workaround for this behavior. A workaround will be added here when available

Important note for the fix

Please read the updated documentation for configuring HSTS response headers.

https://confluence.atlassian.com/confkb/how-to-enable-and-configure-http-strict-transport-security-hsts-response-header-on-confluence-1071813084.html

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List

web.xml
173 kB
19/Jan/2023 1:42 PM

follows: VULN-1033847 Loading...

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(1 mentioned in)

Assignee:: Richard Lau
Reporter:: Jetendra Ivaturi (Inactive)
Votes:: 2 Vote for this issue
Watchers:: 8 Start watching this issue

Due:: 27/Apr/2023
Created:: 19/Jan/2023 9:37 AM
Updated:: 24/Feb/2025 5:00 PM
Resolved:: 01/Mar/2023 11:20 AM