Versions Compared

Old Version 29

changes.mady.by.user Smita Nair

Saved on

compared with

New Version 30

changes.mady.by.user Smita Nair

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated note about HTML-1013

...

Parameter

Default

Description

Disable secure processing

Off

Enable this option to allow XSLT macro to use all XSLT features including substituting XML entity references with their actual values. This helps to control secure XSL processing. By default, this option is disabled. Available since version 5.1.0.

Restrict URL access

Off

Enable this option to restrict access to remote locations through the Location parameters in the Html-bobswift and XSLT macros. The specified URLs in the macro editors must conform to the Confluence Whitelist; provided, whitelisting is enabled. Available since version 5.3.0.

Confluence allows the administrator to turn on whitelisting to restrict incoming and outgoing connections to only those connections that are configured in the Whitelist settings. If enabled, the URL parameter of the HTML for Confluence macros is also restricted to the URLs that are configured in the Whitelist settings for Confluence only.

Important!

There is a known issue encountered on Confluence 8.7 and above where, if . If this option is disabled and the Confluence whitelist is enabled, the URL content cannot be accessed. Administrators must enable the Dnet.request.allow.all.hosts=true in <yourConfluenceInstance>/bin/setenv.sh to resolve the issue.

Allow JavaScript

On

Enable this option to use Javascript in the HTML for Confluence macros. If enabled, the usage of Javascript in the macros is not restricted and thus, users must be advised about the potential security issues if this feature is not used correctly. If disabled, this option to prevent users from using JavaScript in the HTML for Confluence macros. Available since version 5.4.0.

Note

You can also control Javascript usage on pages that are using the HTML for Confluence macros by enabling the relevant entries in the Macro Security for Confluence Configuration page. Refer toMacro Security Configuration to understand how to enable macros and the Macro Security section for information specific to HTML for Confluence macros.

Blacklist domains

Off

Enable this option to blacklist certain domains. By default, this option is disabled for backward compatibility. Available since version 5.6.0.

If enabled, and if a request from any of these sites is received, an error message is displayed. However, if users still need to access a blacklisted site, they must contact their administrator to disable this option. 

Note

If this option is disabled, access to all domains is permitted!

Click the link named listed (in the description beneath the option) to view a pre-defined list of the most commonly blacklisted domains in a pop-up window. The following sites are blacklisted:

  • 10.0.0.0/8

  • 100.64.0.0/10

  • 127.0.0.0/8

  • 169.254.0.0/16

  • 172.16.0.0/12

  • 192.168.0.0/16

  • 192.0.0.0/24

  • 198.18.0.0/15

  • 255.255.255.255/32

  • 0.0.0.0/32

  • 192.0.2.0/24

  • 192.88.99.0/24

  • 198.51.100.0/24

  • 203.0.113.0/24

  • 224.0.0.0/4

  • 240.0.0.0/4

Blacklist domain values

Pre-defined set of domains

Enter a comma separated list of domains to be blacklisted. This field is enabled only if the Blacklist domains parameter is enabled.

Domains can be added, updated or deleted from the pre-defined entries that are given in the listed link of the Blacklist domains parameter. Available since version 5.8.0. 

Note

If the Blacklist domains parameter is enabled and this text area is left blank, the macros intrinsically reverts back to the pre-defined values (given in the listed link of Blacklist domains) as blacklisted domains. Thus, access to the pre-defined domains is restricted once the Blacklist domains parameter is enabled.

Help us improve the product

On

Enable this option to allow us to collect some usage data that helps us improve our product. Available since version 5.4.0.

...