Versions Compared

Old Version 18

changes.mady.by.user Nishanth Thimmareddy

Saved on

compared with

New Version 19

changes.mady.by.user Smita Nair

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

What's new

Anchor
MD_BlacklistDomainsConfig
MD_BlacklistDomainsConfig
Blacklist domains option in Global Configuration

Administrators can choose to blacklist a pre-defined list of private networks, hosts or subnets to avoid Server Side Request Forgeries (SSRF) using the Blacklist domains configuration option. This feature comes in handy when deploying your instance to any Cloud platform such as Amazon Web Services (AWS), Microsoft Azure, and so on.

By default, this option is disabled. If enabled, and if a request from any of the blacklisted sites is received, an error message is displayed. However, if users still need to access a blacklisted site, they must contact their system administrator to disable this option. Click the link named listed (in the description beneath the option) to view the pre-defined list of the most commonly blacklisted domains in a pop-up window.

Anchor
MD_SecurefromXSS
MD_SecurefromXSS
Enhanced security against XSS vulnerabilities

This app version now provides enhanced security to handle any cross-site scripting from the macros.

Release highlights

Div
stylepadding-top:15px;


Section


Column


Page Properties
hiddentrue
idrelease_details


Release Date

2020-02-07

Version3.5
Purpose
  • Blacklist domains option in Global Configuration
  • Enhanced security against XSS vulnerabilities
  • Resolved issues







Anchor
#MD_35_ResolvedIssues
#MD_35_ResolvedIssues
Resolved issues

Jira Legacy
serverSystem JIRA
columnstype,key,summary,reporter,priority,status,resolution
maximumIssues20
jqlQuery(project = MARKDOWN AND fixVersion = "3.5.0") ORDER BY priority DESC
serverId729d679a-302c-339f-958b-015e107badcd