Confluence 2.6 : Confluence content or attachments are randomly lost
This page last changed on Jan 04, 2007 by david.soul@atlassian.com.
ProblemAttachments, pages or attachments have been deleted from a Confluence instance, possibly over an extended period of time. Probable CauseA user has experienced this problem when downloading an offline copy of their Confluence instance using Webcopier. WebCopier follows every link in Confluence using an aggressive spidering strategy that includes automatic posting of confirmation forms. When WebCopier is run over a page, it follows the remove attachment or page link and performs the equivalent of clicking the OK button on the 'Are you sure you want to remove...?' dialog. If Webcopier has authenticated itself as a user with delete permission for that content, it will then be removed. DetectionEnable user access logging and identify the username deleting content by searching the access log for suspicious requests to doreremoveattachmentonpage.action or removepage.action NotesWebcopier must be used on a Confluence site by an authorised Confluence user for the above problem to occur. For a spider to delete content, it must be provided with the credentials of a Confluence user with the delete privilege and set to blindly post confirmation prompts. Confluence protects against against updates from automated spiders, such as those that would trawl a public instance of Confluence, by requiring that updates to Confluence content are posted via a form. Search spiders and other crawlers avoid populating and submitting forms for precisely this reason and at present, Webcopier is the only spider reported to submit confirmation forms by default. |
![]() |
Document generated by Confluence on Oct 10, 2007 18:49 |