Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Repair Jira Macros


Column
width95%

What's new


Anchor
Blacklist_optn
Blacklist_optn
Blacklist domains option in Global Configuration

Administrators can choose to blacklist a pre-defined list of private networks, hosts or subnets to avoid Server Side Request Forgeries (SSRF) using the Blacklist domains configuration option. This feature comes in handy when deploying your instance to any Cloud platform such as Amazon Web Services (AWS), Microsoft Azure, and so on.

By default, this option is disabled. If enabled, and if a request from any of the blacklisted sites is received, an error message is displayed. However, if users still need to access a blacklisted site, they must contact their system administrator to disable this option. Click the link named listed (in the description beneath the option) to view the pre-defined list of the most commonly blacklisted domains in a pop-up window.

Anchor
Enhanced_XSS_security
Enhanced_XSS_security
Enhanced security against XSS vulnerabilities

This app version now provides enhanced security to handle any cross-site scripting from the macros.



Div
stylepadding-top:15px;

Release highlights



Section


Page Properties
hiddentrue
idrelease_details


Release Date

2020-02-07

Version5.6
Purpose
  • Blacklist domains option in Global Configuration
  • Enhanced security against XSS vulnerabilities
  • Resolved issues





Anchor
Fixes
Fixes
Resolved issues

Jira Legacy
serverSystem JIRA
columnstype,key,summary,reporter,priority,status,resolution
maximumIssues20
jqlQuery(project = HTML AND fixVersion = "5.6.0") ORDER BY priority DESC
serverId729d679a8382ec9d-302cabb6-339f3a29-958b8d72-015e107badcd95b9a5732a63