The configuration settings affect the way certain parameters of the app's macros work, in general.
...
The following configuration tabs are available:
Anchor html_57_config_global html_57_config_global
Global Configuration
| html_57_config_global | |
| html_57_config_global |
...
| Parameter | Description | ||
|---|---|---|---|
| Disable secure processing | Enable this option to allow XSLT macro to use all XSLT features including substituting XML entity references with their actual values. This helps to control secure XSL processing. By default, this option is disabled. Available since version 5.1.0. | ||
| Restrict URL access | Enable this option to restrict access to remote locations through the Location parameters in the Html-bobswift and XSLT macros. The specified URLs in the macro editors must conform to the Confluence Whitelist; provided, whitelisting is enabled. Available since version 5.3.0. Confluence allows the administrator to turn on whitelisting to restrict incoming and outgoing connections to only those connections that are configured in the Whitelist settings. If enabled, the URL parameter of the HTML for Confluence macros is also restricted to the URLs that are configured in the Whitelist settings for Confluence only. | ||
| Allow JavaScript | Enable this option to use Javascript in the HTML for Confluence macros. Available since version 5.4.0.
| ||
| Blacklist domains | Enable this option to blacklist certain domains. By default, this option is disabled for backward compatibility. Available since version 5.6.0. If enabled, and if a request from any of these sites is received, an error message is displayed. However, if users still need to access a blacklisted site, they must contact their administrator to disable this option.
Click the link named listed (in the description beneath the option) to view a pre-defined list of the most commonly blacklisted domains in a pop-up window. The following sites are blacklisted:
| ||
| Help Us Improve the Product | Enable this option to allows us to collect some usage data that helps us improve our product. To learn more about what is being sent, refer to Analytics data. Available since version 5.4.0. |
...
Since release 5.7.0, the HTML macro name has changed from HTML to Html-bobswiftbobswift to comply with Atlassian requirements. Existing pages that use the the HTML macro name with the Macro Security macro are unaffected. Any new pages that are created automatically use the , and for any new macro additions to render HTML content, specify the same HTML configurations for the Html-bobswift macro name. So, entries macro name as given for the HTML macro. In such cases, parameters for both, HTML and and Html-bobswift, macro names must be kept added in Macro Security for Confluence ConfigurationConfiguration to render the HTML content on the pages correctly. Any entries made for the the XSLT macro macro remain unaffected and hence, the entries made for this macro can be retained as-is in the Macro Security configuration. The macro parameters that must be specified in Macro Security for Confluence Configuration for any of the HTML for Confluence app macros are as follows:
For HTML macro:
- Key: html
Value: *ANY - Key: html.allowJavascript
Value: *ANY - Key: html.profile.*
Value: *ANY
...