.png)
Overview:
The {html} macro allows you to add raw HTML to your pages, but should be used with care...
There are times when Wiki Markup Editor doesn't quite provide enough flexibility and the need arises to add custom HTML tags to a page.
If you don't want to create a user macro or plugin to implement custom HTML on your pages, you can simply embed the custom HTML (including scripting) using the {html} macro.
Including unknown HTML inside a webpage is dangerous. Because HTML can contain active scripting components, it would be possible for a malicious attacker to present a user of your site with script that their web browser would believe came from you. Such code could be used, for example, to steal a user's authentication cookie and give the attacker their Confluence login password.
The {html} macro can be used in Comments, Pages, News, profiles and even the Site Welcome Message. If untrusted users have access to add or edit any of these items, you must not use the {html} macro and should instead consider using the html-tag macro.
You should only turn on these macros if you trust all your users not to attempt to exploit them.
Parameters:
{html}HTML content{html}
Your HTML content should ideally be XHTML compatible and can contain CSS and JavaScript.
Examples:
Hints and Tips:
Only enable this macro if you trust everyone (including anonymous users if applicable) who can add or edit content are 100% trustworthy. If you have any doubts at all, do not enable this macro.
This macro allows HTML generated by products such as Macromedia Dreamweaver to be added directly in to pages - if you have a web design agency that wants to have more design freedom then it's an ideal way to enable them to do this.
One of the main benefits of this macro is that it allows you to easily add Forms and JavaScript to your pages should you need to create customised interactive elements. A classic example is shown on our Builder Price List.
You might also find this book interesting.
Frequently Asked Questions:
| Q | Are the security warnings exaggerated? |
|---|---|
| A | No. If you enable this macro and someone decides to abuse it, you're in for a lot of pain. |
| Q | Can I restrict usage of this macro to specific spaces, content types or users? |
|---|---|
| A | No. If it's enabled, then it can be used anywHere, by anyone with add/edit privileges (remember that all registered users have edit privileges in their profile)! |
Comments (3)
Mar 08, 2006
Anonymous says:
How do I get the glossary macro as suggested in Example 1?How do I get the glossary macro as suggested in Example 1?
Mar 08, 2006
Guy Fraser says:
It's a plugin we've been working on for some time but have not yet released - if...It's a plugin we've been working on for some time but have not yet released - if you work for a corporate organisation and can wangle a donation, it would help us prioritise the plugin and get it released (as open source) far sooner...
Dec 04, 2006
Anonymous says:
Hello, I'm about to set up a glossary for our documentation site - do not know...Hello,
I'm about to set up a glossary for our documentation site - do not know yet which technique to use best. And since I see that Adaptavist is developing a glossary macro I would be interested in finding out what how it actually will work, and well it will be released.
My idea would be to set up a glossary page, where all terms are listed in a table (with explanation), and each term has an anchor (name of anchor equal the term itself). In the pages where this term exists, I would add a link referring to this anchor.
It of course would be much nicer if all instances of the term throughout the space would automatically have the link to the term, or even better show the explanation when hovering over with the mouse.