Currently, the PlantUML macro works by default with http://www.plantuml.com/plantuml configured as the default PlantUML server. Administrators may install this extension thinking that rendering is done solely client-side, without sending any information to a remote server. This creates a security risk, as it could lead to a leak of confidential information. To solve this, we would need to remove http://www.plantuml.com/plantuml as the default server configuration. The URL to this server can be provided as part of the hint of the server property.