Details
-
Suggestion
-
Resolution: Invalid
Description
NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion.
There have been a number of security issues in non-atlassian software caused by using the HOST header of an incoming request. Therefore, this suggestion issue to request that when JIRA sees a request with a HOST header that does not match the instance's server url to redirect the request to the server url.
Attachments
Issue Links
- is related to
-
JRASERVER-44574 Redirect requests that have a different HOST header than what JIRA is configured to serve for to the correct (configured) JIRA server url.
- Closed
-
BSERV-9429 Redirect requests that have a different HOST header than what is configured to the correct (configured) server url.
- Gathering Interest
-
CONFCLOUD-39636 Redirect requests that have a different HOST header than what is configured to the correct (configured) server url.
- Gathering Interest
-
BAM-18112 Redirect requests that have a different HOST header than what is configured to the correct (configured) server url.
- Gathering Interest
-
CWD-4850 Redirect requests that have a different HOST header than what is configured to the correct (configured) server url.
- Gathering Interest
-
FE-6744 Redirect requests that have a different HOST header than what is configured to the correct (configured) server url.
- Not Being Considered