Security Considerations
The Run macro accepts input from users who have view access. Care must be taken that this input cannot contain unexpected data that the processing in the macro body does not handle properly. Here are some hints and tips.
- Consider using Macro Security for Confluence to control who can create content that uses the Run macro, at least on sites with higher security needs. This can restrict use to people who are more experienced with the security implications.
- Use pre-defined value fields instead of open-ended text fields where appropriate: for example, select lists, radio buttons, and similar.
- When a text field supplies a value for an SQL statement, use SQL parameter markers instead of substituting the text directly into the SQL syntax. See Wikipedia: SQL injection.
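
The last two tips, shown with Python's sqlite3 module standing in for the macro's data source. This is an added example, not Appfire code; the table, the status choices and the function names are constructed for illustration.

```python
import sqlite3

# Constructed sample data standing in for a table queried from a user form.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE tickets (id INTEGER, owner TEXT, status TEXT)")
    db.executemany("INSERT INTO tickets VALUES (?, ?, ?)", [
        (1, "alice", "open"), (2, "bob", "open"), (3, "carol", "closed")])
    return db

# Hypothetical select-list choices: the only status values the form offers.
ALLOWED_STATUS = {"open", "closed"}

def query_by_substitution(db, owner):
    """Weak form: the text field is pasted into the SQL syntax itself."""
    sql = "SELECT id FROM tickets WHERE owner = '%s' ORDER BY id" % owner
    return [row[0] for row in db.execute(sql)]

def query_by_marker(db, owner, status):
    """Hardened form: pre-defined value checked, text bound to a ? marker."""
    if status not in ALLOWED_STATUS:
        raise ValueError("status is not one of the pre-defined values")
    sql = "SELECT id FROM tickets WHERE owner = ? AND status = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (owner, status))]

# Constructed input: a text-field value that contains SQL syntax.
UNEXPECTED = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print(query_by_substitution(db, "alice"))     # one owner's rows
    print(query_by_substitution(db, UNEXPECTED))  # filter is bypassed
    print(query_by_marker(db, UNEXPECTED, "open"))  # treated as plain data
```

With the marker, the same input is compared as a literal owner name and matches nothing, and a status outside the pre-defined list is rejected before any SQL runs.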
Copyright © 2005 - 2025 Appfire | All rights reserved.