Uploaded image for project: 'PlantUML Macro'
  1. PlantUML Macro
  2. PLANTUML-19

Do not provide a pre-configured PlantUML server by default

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Unresolved
    • Major
    • None
    • None
    • None
    • Unknown

    Description

      Currently, the PlantUML macro will work by default with http://www.plantuml.com/plantuml configured as the default PlantUML server.

      Administrators may install this extension thinking that rendering is done solely client-side, without sending any information to a remote server. This causes a security risk as it could lead to the leak of confidential information.

      In order to solve this, we would need to remove http://www.plantuml.com/plantuml as the default server configuration. The URL to this server can be provided as part of the hint of the server property.

      Attachments

        Activity

          People

            Unassigned Unassigned
            caubin Clément Aubin
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated: