Loading...

XML

Word

Printable

Type: Suggestion
Resolution: Unresolved
Component/s: Navigation - Top
Labels:
None

UIS:
24
Support reference count:
6

Issue Summary

When we directly access the links like https://xxx.atlassian.net/jira/dashboards & https://xxx.atlassian.net/jira/filters then instead of getting redirected to the login page, we are presented with blank screen, of JSW site, and it also ends up showing the Logo that customer have updated under “Look & Feel” settings in JSW cloud, without log in to the site.

Steps to Reproduce

Logout from your Jira site or access in incognito mode
Browse the URLs https://xxx.atlassian.net/jira/dashboards, https://xxx.atlassian.net/jira/projects, https://xxx.atlassian.net/jira/filters or specific JQL page https://xxx.atlassian.net/issues/?jql=created%20%3E%3D%20-30d%20order%20by%20created%20DESC

Suggestion

Prevent anonymous users from accessing those pages. Make it so people are redirected to log in instead.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List

Screenshot 2024-04-19 at 3.46.49 PM.png
57 kB
19/Apr/2024 5:47 AM
screenshot-1.png
101 kB
19/Apr/2024 7:06 AM

is duplicated by

JRACLOUD-95979 Make Jira project, filter and dashboard list pages not publicly accessible

Closed

is related to

JRACLOUD-96588 Custom logo displayed for anonymous users

Gathering Impact

relates to

JRACLOUD-80562 Restrict "/rest/api/2/dashboard" to only users in the instance and not anonymous users

Closed

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...

(2 mentioned in)

Assignee:: Adrian Konkolowicz
Reporter:: Anindyo Sen
Votes:: 40 Vote for this issue
Watchers:: 25 Start watching this issue

Created:: 07/Feb/2024 8:27 AM
Updated:: Yesterday 2:59 AM

Details

Description

Issue Summary

Steps to Reproduce

Suggestion

Attachments

Attachments

Issue Links

Activity

People

Dates