Loading...

XML

Word

Printable

Type: Bug
Resolution: Won't Fix
Priority: Medium
Fix Version/s: None
Affects Version/s: 2.4, 2.5
Component/s: None
Labels:
- affects-server

When global "use confluence" is not enabled for anonymous users and an anonymous user tries to visit a URL that does not exist, the 404 page will still list all spaces which have individual anonymous access enabled. Confluence should not leak this information when global anonymous access is denied.

In this scenario we should simply display a generic 404 page not found with a link to the login page.

is blocked by

CONFSERVER-9283 404 Action doesn't get User Information

Closed

is duplicated by

CONFSERVER-6748 All users can see spaces which have anonymous access enabled, even when anonymous access is not globally enabled.

Closed

CONFSERVER-9688 Space names made visible to a non-authorised user upon entering a wrong URL

Closed

Assignee:: Unassigned
Reporter:: Christopher Owen [Atlassian]
Votes:: 2 Vote for this issue
Watchers:: 0 Start watching this issue

Created:: 16/Aug/2007 11:44 PM
Updated:: 11/Oct/2018 9:01 AM
Resolved:: 02/Jun/2008 5:31 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates