Skip to end of banner
Go to start of banner

Release notes 5.6

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 27 Current »


What's new

Blacklist domains option in Global Configuration

Administrators can choose to blacklist a pre-defined list of private networks, hosts or subnets to avoid Server Side Request Forgeries (SSRF) using the Blacklist domains configuration option. This feature comes in handy when deploying your instance to any Cloud platform such as Amazon Web Services (AWS), Microsoft Azure, and so on.

By default, this option is disabled. If enabled, and if a request from any of the blacklisted sites is received, an error message is displayed. However, if users still need to access a blacklisted site, they must contact their system administrator to disable this option. Click the link named listed (in the description beneath the option) to view the pre-defined list of the most commonly blacklisted domains in a pop-up window.

Enhanced security against XSS vulnerabilities

This app version now provides enhanced security to handle any cross-site scripting from the macros.

Release highlights


Resolved issues

type key summary reporter priority status resolution
Refresh

  • No labels


Find answers from the community.

Ask a question to the community.

Log a request with our support team.

Confluence®, Jira®, Atlassian Bamboo®, Bitbucket®, Fisheye®, and Atlassian Crucible® are registered trademarks of Atlassian®
Copyright © 2005 - 2024 Appfire | All rights reserved. Appfire™, the 'Apps for makers™' slogan and Bob Swift Atlassian Apps™ are all trademarks of Appfire Technologies, LLC.

Error formatting macro: include: java.lang.IllegalArgumentException: No link could be created for 'HTML:appfire-confluence-analytics'.