Loading...

XML

Word

Printable

Type: Suggestion
Resolution: Invalid
Component/s: Infrastructure & Services
Labels:

NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion.

There have been a number of security issues in non-atlassian software caused by using the HOST header of an incoming request. Therefore, this suggestion issue to request that when JIRA sees a request with a HOST header that does not match the instance's server url to redirect the request to the server url.

is related to

JRASERVER-44574 Redirect requests that have a different HOST header than what JIRA is configured to serve for to the correct (configured) JIRA server url.

Closed

CWD-4850 Redirect requests that have a different HOST header than what is configured to the correct (configured) server url.

Closed

BSERV-9429 Redirect requests that have a different HOST header than what is configured to the correct (configured) server url.

Gathering Interest

CONFCLOUD-39636 Redirect requests that have a different HOST header than what is configured to the correct (configured) server url.

Gathering Interest

BAM-18112 Redirect requests that have a different HOST header than what is configured to the correct (configured) server url.

Gathering Interest

FE-6744 Redirect requests that have a different HOST header than what is configured to the correct (configured) server url.

Not Being Considered

(1 is related to)

Assignee:: Unassigned
Reporter:: David Black
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Created:: 30/Jul/2015 5:56 AM
Updated:: 19/Sep/2019 5:54 AM
Resolved:: 13/Apr/2017 5:31 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates