[Bamboo Knowledge Base]
To prevent users being tricked into unintentionally submitting malicious data, Bamboo uses XSRF security protection.
Atlassian supported plugins have been updated to support XSRF. XSRF protection is enabled by default for Atlassian Cloud customers and new customers for Bamboo Server, however, if you are using a plugin that is not yet compatible with this security feature, you can disable it.
Please carefully consider the security risks before you disable XSRF protection in your Bamboo installation.
Read more about XSRF (Cross Site Request Forgery) at wikipedia.
To configure XSRF protection:
Related pages:
XSRF protection was introduced in Bamboo 5.3, and is enabled automatically for all existing and new Atlassian Cloud users. Existing Bamboo Server users can enable XSRF protection by following the instructions above and checking Enable XSRF protection.
Customers upgrading... | XSRF protection enabled |
---|---|
an existing installation of Bamboo 5.2 and earlier to Bamboo 5.3 and later | Customers can enable XSRF protection using the instructions on this page |
a new installation of Bamboo Server 5.3 and later | XSRF protection is enabled by default |
Bamboo Cloud | XSRF protection is enabled by default. |