Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-4850

Redirect requests that have a different HOST header than what is configured to the correct (configured) server url.

    XMLWordPrintable

    Details

    • Feedback Policy:

      Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Description

      There have been a number of security issues in non-atlassian software caused by using the HOST header of an incoming request. Therefore, this suggestion issue to request that when Crowd sees a request with a HOST header that does not match the instance's server url to redirect the request to the server url.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              dblack David Black
              Votes:
              2 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated: