Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Wat te doen met SVG attachments?

Deleted user January 23, 2020

Gebruikers hebben de vraag gesteld of het mogelijk is om SVG image bestanden te kunnen gebruiken in Confluence. We hebben een SVG-Out add-on bekeken en daarop security tests losgelaten. We waren in staat om malafide scripts in de SVG te stoppen op een manier die de testserver onderuit haalde. We hebben 2 flinke lekken gevonden in de add-on en gebruik van SVG daarom niet toegestaan.

Ben benieuwd hoe andere grote bedrijven kijken naar attachments in het algemeen.

We maken gebruik van een Server licentie.

Comment
Watch
Like Dave Liao likes this
1482 views

1 comment

Comment

Log in or Sign up to comment
Dave Liao
Dave Liao
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 1, 2020

@[deleted] - if you're still using Confluence Server (or Data Center), there's a way to do this. Attach an SVG to a page, then...

meow.PNG

While editing pages, you can embed various types of media to display in-line. This does not work in Confluence Cloud, however.

Like
Reply
Dave Liao
Dave Liao
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 1, 2020

p.s. vote this suggestion up if you're interested in truly native support of SVG files inside Confluence (including Confluence Cloud): https://jira.atlassian.com/browse/CONFSERVER-1762

Like
Deleted user December 2, 2020

If you are using no add-on Confluence pages will not show an SVG attachment, it will just show a grey square with the name of the attachment. Clicking on it will open the file and show the SVG. What we tried to do is to use an add-on to show the SVG attachments in the Confluence page. We looked at the SVG-out add-on to do that but it failed our security tests.

SVG is a very hackable format that can easily hide unwanted (HTML) coding. We were able to hack into Confluence just by adding malicious code into the SVG attachment. So, we do not want SVG to be used on our system as our security measurements will not allow this vulnerability risk. 

Like
Dave Liao
Dave Liao
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 2, 2020

@[deleted] - oh, I misunderstood your question!

Also, regarding my suggestion, that should work in a vanilla Confluence installation. I just tested in a test Confluence on my laptop and I'm able to embed.

Like
groups-icon
Amsterdam
TAGS
AUG Leaders

Atlassian Community Events

    See all events