This is the documentation for Bamboo 5.5. View this page for the

Unknown macro: {spacejump}

of Bamboo, or visit the latest Bamboo documentation.

To prevent users being tricked into unintentionally submitting malicious data, Bamboo uses XSRF security protection.

Atlassian supported plugins have been updated to support XSRF. XSRF protection is enabled by default for Atlassian Cloud customers and new customers for the server version, however, if you are using a plugin that is not yet compatible with this security feature, you can disable it.

 Please carefully consider the security risks before you disable XSRF protection in your Bamboo installation.

Read more about XSRF (Cross Site Request Forgery) at wikipedia.

To configure XSRF protection:

  1. Click the  icon and select Overview.
  2. Choose Security settings in the left-hand panel.
  3. Click Edit.
  4. Uncheck Enable XSRF protection to disable XSRF protection or check it to enable XSRF protection.
  5. Click Save.

Related pages:

XSRF protection was introduced in Bamboo 5.3, and will be enabled automatically for all new and existing Cloud users. Existing Bamboo users can enable XSRF protection by following the instructions above and checking Enable XSRF protection.

 Is my Bamboo instance already protected against XSRF attacks?

Customers upgrading...XSRF protection enabled
an existing installation of Bamboo 5.2 and earlier to Bamboo 5.3 and later(error) Customers can enable XSRF protection using the instructions on this page.
a new installation of Bamboo 5.3 and later(tick) XSRF protection is enabled.
Bamboo Cloud (Bamboo 5.3)*(error) Customers can enable XSRF protection using the instructions on XSRF Protection in Bamboo OnDemand.

*Note that future versions of Bamboo Cloud will have XSRF protection enabled by default.


  • No labels

 

 

Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution 2.5 Australia License.