The RSS and HTML-include macros are used to include content dynamically from other websites onto a Confluence page. The included content may possibly be malicious or harmful to your Confluence instance.
Confluence administrators can set up a list of trusted URLs, thus limiting the locations from which the RSS macro and the HTML-include macro can draw their content.
The form below allows you to define specific URLs and/or URL patterns which are trusted, or to allow inclusion from all URLs without restriction.
To configure the URL whitelist,
 - Select 'Configure Whitelist' in the left-hand panel.
- The 'Configure Whitelist' screen will appear, as shown in the screenshot below.
- Select one of the radio buttons as follows:
- Allow all domains — There will be no restrictions to the content which can be included onto your Confluence pages.
- Restrict to listed domains — Confluence will allow content from trusted URLs only. When you select this option, a textbox will open allowing you to enter specific URLs and/or URL patterns. Enter one or more URLs, each on its own line. You can enter the full URL, or use the pattern matching rules described below.
- [保存] をクリックします。
|
Screenshot: Configuring a URL whitelist
URL Pattern-Matching Rules
1 行に URL または URL パターンを 1 つ入力します。以下で説明するように、完全な URL を入力するか、パターン マッチングを使用できます。
- ルールが等号 (=) で始まる場合、「=」に続く正確な URL のみが許可されます。
- ルールがスラッシュ (/) で始まる場合、ルール全体が正規表現として扱われます。
- それ以外の場合、アスタリスク (*) は、1 つ以上の文字に一致するワイルドカードとして扱われます。
What Happens to a Page Containing a Disallowed URL?
注意
Some things to be aware of:
- By default, the RSS and HTML-include macros are disabled in Confluence. A System Administrator can enable them on the 'Plugins' screen of the Confluence Administration Console.
- A user who has the 'Confluence Administrator' permission, but not necessarily the 'System Administrator' permission, can configure the URL whitelist (for the HTML-include and RSS macros).
関連トピック
Enabling HTML macros
RSS Feed Macro
HTML Include Macro
