This issue has been created
 
 
JIRA Components / cid:jira-generated-image-avatar-4384ceeb-eab2-4a74-98b4-5cf23dfa12a8 JIRA-61 Open

JIRA instance URL should be checked against the trusted domains

 
View issue   ยท   Add comment
 

Issue created

 
cid:jira-generated-image-avatar-8d875153-cd6b-4898-aa81-b04d44d829cf Simon Urli created this issue on 18/Dec/24 15:18
 
Summary: JIRA instance URL should be checked against the trusted domains
Issue Type: cid:jira-generated-image-avatar-4384ceeb-eab2-4a74-98b4-5cf23dfa12a8 Improvement
Affects Versions: 9.0
Assignee: Unassigned
Components: API
Created: 18/Dec/24 15:18
Priority: cid:jira-generated-image-static-major-1ae436c6-8715-45eb-b937-45b90bcf4814 Major
Reporter: Simon Urli
Description:

We allow to configure in XWiki a list of trusted domains: the JIRA instance URLs allowed in the macro should be checked against what's allowed in the trusted domain by default.
Since it would be backward compatibility change, we might require to introduce a configuration setting somewhere to allow disabling that behaviour for JIRA macro for avoid problems when upgrading.