Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-21965

Replace unsafe text gadget

XMLWordPrintable

    • 52
    • 72
    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

      Atlassian Update - 23 April 2015

      Hi everyone,

      There is an add-on from Atlassian Labs that provides a rich text dashboard gadget for JIRA Cloud. You can find it by searching for "rich text gadget" in the Find New Add-ons page on your JIRA Cloud instance or getting it from the Atlassian Marketplace.

      This add-on is not officially supported by Atlassian.

      Please remember that jira.atlassian.com is one of many inputs for the JIRA roadmap. You can learn more about our process here.

      I understand that our decision may be disappointing. Please don't hesitate to contact me if you have any questions.

      Regards,
      Dave Meyer
      dmeyer@atlassian.com

      The text gadget can make JIRA vulnerable to XSS attacks because it allows arbitrary html, which is why it is disabled by default.

      A wiki rendering replacement could cater to the needs of an arbitrary html gadget without the danger. Custom html could still be added to the wiki gadget where required through the creation of macro plugins for JIRA's wiki renderer.

            Unassigned Unassigned
            chris@atlassian.com Chris Mountford
            Votes:
            178 Vote for this issue
            Watchers:
            113 Start watching this issue

              Created:
              Updated: