Skip to end of banner
Go to start of banner

Release Notes 5.6

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »


What's New in this Release

Added Blacklist domains option

Users can now blacklist private networks, hosts or subnets to avoid Server Side Request Forgeries (SSRF) through the Blacklist domains configuration option. By default, this option is disabled. If enabled, users can view a list of sites that are commonly blacklisted. If a request from any of these sites is received after enabling the option, the user is prompted to contact the System Administrator for further processing, or, an error message is displayed.

To view the default list of sites that can be blacklisted, click the link named listed. A pop-up with the most commonly blacklisted sites appears as shown:

Enhanced security against XSS vulnerabilities

This app version now has enhanced security implemented to handle any cross-site scripting from the macros.

Release Highlights


Resolved Issues

type key summary reporter priority status resolution
Refresh

  • No labels


Find answers from the community.

Ask a question to the community.

Log a request with our support team.

Confluence®, Jira®, Atlassian Bamboo®, Bitbucket®, Fisheye®, and Atlassian Crucible® are registered trademarks of Atlassian®
Copyright © 2005 - 2024 Appfire | All rights reserved. Appfire™, the 'Apps for makers™' slogan and Bob Swift Atlassian Apps™ are all trademarks of Appfire Technologies, LLC.

Error formatting macro: include: java.lang.IllegalArgumentException: No link could be created for 'HTML:appfire-confluence-analytics'.