Uploaded image for project: 'Jira Software Data Center'
  1. Jira Software Data Center
  2. JSWSERVER-26311

Inadequate documentation of Velocity template allowlisting after Jira 10.0.X

XMLWordPrintable

    • 2
    • 5
    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Problem

      Velocity template and allowlist security improvements as listed in the Jira Software 10.0.x release notes

       

      Adding the custom velocity template to the allowlist, through the process described on these pages:

      However, they are developer documents and are not very helpful for Jira end users. None of them explains

      • Where to allow these methods
      • How to include all files under /templates/email
      • What is the proper format?
      • Does it work with wildcards?
      • What is this allowlist plugin module and how to use it?

      Suggested Solution

      Clear knowledge article is that explains the Velocity change ( Jira Software 10.0.x release notes) is requires

       

            [JSWSERVER-26311] Inadequate documentation of Velocity template allowlisting after Jira 10.0.X

            SET Analytics Bot made changes -
            Support reference count New: 5
            SET Analytics Bot made changes -
            UIS Original: 1 New: 2
            SET Analytics Bot made changes -
            UIS New: 1
            Chandra Shekhar Pandey made changes -
            Link New: This issue is related to JSWSERVER-26322 [ JSWSERVER-26322 ]
            Baris Ilhan created issue -

              Unassigned Unassigned
              8d241b947074 Baris Ilhan
              Votes:
              5 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: