Holds tests that verify the resolution of non-web actions.
These tests were written in response to SER-127, and SER-128, which were header injection and phishing attacks on redirect after login.
JRA-15966 When External User Management is enabled we should not let users auto signup with "public server mode".
Holds the tests that verify the resolution of web actions when they are specified by an alias in a URL and that the appropriate role checks are applied.
Responsible for testing the retrieval of static web-resources does not expose protected resources.
Copyright © 2002-2017 Atlassian. All Rights Reserved.