The Exalate team will be on holiday for the coming days - returning Jan 4
Enjoy & stay safe
If you have removed the attachment option from your incoming script, the remote side would still be sending the encrypted data of the attachment in their payload but your instance won't process it so answering your question, the attachments will be filtered out when Exalate is processing your incoming script rules.
If no attachments will be synced between both instances I would recommend removing the option from the outgoing rules of the public side as well, since it will be consuming processing resources without need.
Let me know if you have any additional questions.
Add your comment...
- Ron Becker
Thanks for the information. I'm still trying to understand how this exactly works. Security asked me to make sure that the attachments from the public server do never appear somewhere on our server. Not in the database and not on the file system.
My understanding at the moment on how it works....
- The private server is sending API GET calls to check if the public server has an update
- When there is an update on the public server, the public server answers a GET call with a JSON file containing field information and the attachments (Are the attachments somehow included in the JSON file?)
- The GET call saves the JSON file and the attachments in the incoming queue (in the database?!)
- Exalate processes the field information and attachments from the incoming queue dependent in the incoming script rules.
In my understanding the field information including attachments are still imported in the (Private Server) Oracle database.
Dependent on the incomming script rules the information is written to Oracle and the attachments will be left out or are written into the Jira Data directory.
Is this assumption correct?
We removed the attachment option in the incomming script because we don't want to receive attachments from external contractors directly on our Jira Server.
I would like to know where the attachments are blocked when the external partner sends attachments because they have this in the outgoing script.
In our configuration we have a private and a public Jira Server instance.
Attachments send from the public instance should never appear on the private server.
With other words: When are the attachments filtered from the API get call?
Thanks in advance for your help.