This question is in reference to Atlassian Documentation: HTML Macro
I am the Admin for our site, and I went looking for this macro per the "Enabling the HTML Macro" instructions and could not find it. Is it no longer available?
Hi Phil,
The HTML macro that was available for server isn't available on cloud.
However we've built a secure HTML macro as part of the Macro for Toolbox Cloud add-on which will let you embed HTML content into a page. Hope that helps!
@Tim Clipsham,
Thanks for the pointer. What exactly makes your macro secure in a way that the unavailable Confluence one isn't?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
No worries. The original server macro embeds the content directly into the page itself but our add-on sandboxes your content inside an iframe. We have some more specifics under "Security" in our documentation.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Update: Our documentation has moved here: https://docs.goodsoftware.co/macro-toolbox (I can't edit my prior post).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
FYI company behind Macro Toolbox was acquired by Atlassian and they decided to discontinue this app.
As alternative option, you can use our app HTML Macro for Confluence
available in Marketplace.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Original answer (for posterity):
For security reasons, the built-in HTML macro is not allowed to be enabled on Atlassian Cloud instances. This is a good thing because it makes your Atlassian Cloud Confluence safer.
However, that does not mean that you can't have a HTML Macro. Instead, to get a HTML Macro back you merely install an add-on from the marketplace that will provide it for you.
Here is one for example: https://marketplace.atlassian.com/plugins/biz.artemissoftware.confluence.html.HtmlMacro/cloud/overview
Jan 2022 Update:
For everybody coming here in 2022 and beyond, have you considered using the Forge Platform (and Custom UI) to inject your custom HTML as an App in Jira or Confluence cloud. Like Server, and the HTML Macro, you won't have to host it yourself and it is very secure too; Forge was built with security and trust as first principles. It also is zero cost (other than the effort that it takes you to write the HTML and the Forge App). I highly recommend giving it a try if you are looking for a free solution to this problem OR you are looking for high levels of customisability.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Well I don't understand something, What makes it safer? Pay for it?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
It is not that you have to pay for it that makes it safe. The problem with the HTML Macro, as it exists in Confluence Server, is that a malicious user could inject any arbitrary HTML you like into the page and perform any action that you like. That is why we block the HTML macro in our Cloud products. This is an acceptable tradeoff for Server because many Server and Data Center customers that are heavily data privacy conscious will put their server instance in a VPN.
The Atlassian App framework uses iframes, scopes and other mechanisms to block what a 3rd party app can, and cannot, do. This significantly restricts the surface area of harm that injecting arbitrary HTML can cause. So it is the fact that these HTML macros are implemented as Atlassian Apps at all than make them more secure.
Also, our App developers could put in even more safeguards again.
In short, Apps are pretty cool and we invest in making them secure. I hope that answers the question?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
That's not solution. The solution is add the html/css and sanitize all inputs.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I have updated the answer to include Forge as a potential solution to this problem. It can achieve more than the level of customisability that people are looking for.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Now in 2024, it seems Atlassian is moving to nothing but paid options and reducing native functionality altogether. I switched companies and it is amazing what has been stripped that I was using in the Cloud as part of my instance, that is now, no longer available unless I buy an app. And it isn't like Atlassian is getting any cheaper.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
It seems the solution is to pay for it and it becomes "Safer". Embedding html should come out of the box. Paying subscription fee for such a feature seems bad enough to walk away from confluence into a platform that does not want to squeeze money out of subscribers.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Have you considered using the Forge Platform (and Custom UI) to inject your custom HTML as an App in Jira or Confluence cloud. Like Server, and the HTML Macro, you won't have to host it yourself and it is very secure too. It also is zero cost (other than the effort that it takes you to write the HTML and the Forge App).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.