SQL for Confluence 4.1.0 released

Created by Bob Swift
Last updated: Jun 22, 2014 by Betsy Walker
1 min read

Release Content

  1. Support anti-XSS - respects the Confluence global security setting for Anti-XSS
  2. Updated for specific Confluence 3.1+ support

Incompatibilities due to anti-XSS support

If your site administrator has enabled anti-XSS support in Confluence global security settings, upgrading to this release may cause some sql queries to not display as before. Only those sql tables that use output=html and have html content could be affected. For instance, an html link like <a href=http://google.com>google</a> will no longer be display as a link. If this usage is important for some of your site pages, you can use Macro Security for Confluence and authorize usage of the disableAntiXss parameter to return to previous support but only for content controlled by trusted users.

Release 4.2.0 has a config option to disable anti-XSS

See SQL-116. This provides administrators an option to globally disable anti-XSS support for HTML content produced by the SQL macro. This may be convenient where SQL macro use is already controlled by Macro Security for instance.

Log a request with our support team.

Confluence®, Jira®, Atlassian Bamboo®, Bitbucket®, Fisheye®, and Atlassian Crucible® are registered trademarks of Atlassian®
Copyright © 2005 - 2024 Appfire | All rights reserved. Appfire™, the 'Apps for makers™' slogan and Bob Swift Atlassian Apps™ are all trademarks of Appfire Technologies, LLC.