Uploaded image for project: 'Jira Server and Data Center'
  1. Jira Server and Data Center
  2. JRASERVER-21965

Replace unsafe text gadget and add to JIRA Cloud

    XMLWordPrintable

    Details

    • UIS:
      10
    • Support reference count:
      72
    • Feedback Policy:
      We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Description

      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

      Atlassian Update - 23 April 2015

      Hi everyone,

      There is an add-onĀ from Atlassian Labs that provides a rich text dashboard gadget for JIRA Cloud. You can find it by searching for "rich text gadget" in the Find New Add-ons page on your JIRA Cloud instance or getting it from the Atlassian Marketplace.

      This add-on is not officially supported by Atlassian.

      Please remember that jira.atlassian.com is one of many inputs for the JIRA roadmap. You can learn more about our process here.

      I understand that our decision may be disappointing. Please don't hesitate to contact me if you have any questions.

      Regards,
      Dave Meyer
      dmeyer@atlassian.com

      The text gadget can make JIRA vulnerable to XSS attacks because it allows arbitrary html, which is why it is disabled by default.

      A wiki rendering replacement could cater to the needs of an arbitrary html gadget without the danger. Custom html could still be added to the wiki gadget where required through the creation of macro plugins for JIRA's wiki renderer.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              chris@atlassian.com Chris Mountford
              Votes:
              147 Vote for this issue
              Watchers:
              102 Start watching this issue

                Dates

                Created:
                Updated: