Atlassian uses cookies to improve your browsing experience, perform analytics and research, and conduct advertising. Accept all cookies to indicate that you agree to our use of cookies on your device. Atlassian cookies and tracking notice, (opens new window)
Teams
, (opens new window)
HTML for Confluence
Results will update as you type.
  • Overview
  • Installation
  • Get started
    • User guide - 5.x
    • User guide - Cloud
      • HTML macro - Cloud
      • XSLT macro - Cloud
    • Differences between HTML Macro for Confluence and HTML for Confluence
  • Tutorials
  • Migration
  • Release notes
  • Help and support
  • Miscellaneous
    You‘re viewing this with anonymous access, so some content might be blocked.
    /
    HTML macro - Cloud
    Updated 9h ago

    HTML macro - Cloud

    Features

    • Supports capabilities for including data similar to other scripting macros.

    • Supports find and replace for adjusting the resulting output.

    • Allows administrators to restrict the usage of JavaScript in the HTML macro (based on Allow JavaScript in Configuration settings). The Confluence page throws a rendering error if this parameter is not enabled, and JavaScript is inserted while using the macro.

    Parameters

    GIF shows how HTML code is entered directly in the macro editor.
    Embed code in macro editor
    GIF shows how profiles are used with the macro.
    Use profile to access and display HTML

     

    Macro editor label

    Default

    Description

    Macro editor label

    Default

    Description

    Data source

    Data source

     

    Specify the source of the HTML content to be rendered. The options available are:

    • HTML embed code: Enter HTML code to display content. If this option is selected, a code block section appears where you can enter customized HTML code to be displayed. 

    • URL: Show HTML content as referenced with the given URL. If this option is selected, a URL parameter is displayed. Enter the URL of the required source from which the HTML content is to be displayed on the page.

    • Profile: Select a profile to access the required source and display relevant content. Enter the profile name to be transformed. Refer to this link to know more about profiles. Contact your Confluence administrator for further information about the profiles available in your instance.

    • Attachment: Specify the attachment whose content is to be rendered. By default, if selected, Space and Page show the current space and page, respectively, and you can select an attachment available on this page. The following parameters are shown:

      • Space: Data is read from an attachment to the page name provided in the space indicated.

      • Page: Data is read from an attachment to the page name provided.

      • Attachment: Data is read from an attachment to the current page.

    Once you specify the data source, click anywhere to see the Preview.

    Layout

    Height of iframe (in px)

     

    Enter the minimum height (in px or em) to be used for the rendered content.

    If you do not specify, the height is auto-rendered according to the HTML content.
    If you specify the height, the HTML content fits within the specified height. If the content exceeds the specified height, a scroll bar is displayed that lets you scroll through the content.

    Example: 500px or 1.5em 

    Settings

    Format

    html

    Specify how the output is treated. The options are as follows:

    • html - transformed output is standard HTML

    • xhtml - transformed output is treated as XHTML and rendered with the Confluence XHTML renderer

    • wiki - transformed output is treated as wiki markup and rendered with the Confluence wiki renderer

    XHTML and wiki support are removed from 3.0.0 version of app.

    Find regex patterns

     

    Enter a comma-separated list of regex patterns to use to post-process the output HTML with find and replace logic. Example: (href=)(/display)

    Replacement strings

     

    Enter a comma-separated list corresponding to find patterns via index position in the list. If a comma is a part of an entry, use single quotes around it. Example: $1$base_url$2

    Timeout in milliseconds

     

    Enter time in milliseconds such that URL connections do not timeout before getting data. Use this to increase time needed for slow connections. Note that if a zero is given the connection may wait infinitely.

    File encoding

    system default

    Specify the encoding for an external file, if different from the system default handling. Example: UTF-8.

    Allow same origin

    Off

    Enable the page viewing user to execute scripts to access cookies and Confluence APIs.

    If the Allow JavaScript global configuration is enabled, the page viewing user can execute scripts to access cookies and Confluence APIs.

    Allow script execution

    Off

    Enable to allow scripts to be executed. 

    If the Allow JavaScript global configuration is enabled, execution of scripts in the HTML macro is always allowed regardless of the Allow script execution parameter status.

    Macro security and macro parameter settings

    Macro security support is removed from 3.0.0 version of app.

    This section explores how the script global setting and the parameter settings (Allow same origin and Allow script execution) affect the macro's content. To learn more about the macro security configurations, see the Configuration page.

    The following table explains this correlation:

    Global configuration - Allow JavaScript parameter is enabled?

    Global configuration - Macro security is provided?

    Page restrictions given?

    Macro parameters setting

    How is the HTML content affected?

    Allow same origin

    Allow script execution

    Yes

    NA

    NA

    NA

    NA

    Works as expected. If this global configuration parameter is enabled, it overrides any other settings. This is the default behaviour.

    No

    Not defined or none are applied

    NA

    Off

    Off

    Works as expected.

    Off

    On

    Displays a warning message to apply macro security parameter/space/user/group restrictions and have similar page level restrictions to proceed.

    On

    Off

    On

    On

    Displays a warning message to apply macro security parameter/space/user/group restrictions and have similar page level restrictions to proceed.

    Defined (either Parameter name is given or trusted space/user/group is given)

    Same as macro security restrictions

    Off

    Off

    Works as expected. Scripts are not executed and no warnings are displayed.

    NA

    Off

    On

    Displays a warning message to apply macro security parameter/space/user/group restrictions and have similar page level restrictions to proceed.

    On

    Off

    Same as macro security restrictions

    On

    On

    Works as expected. Macro security parameter/space/user/group restrictions must be applied and similar page level restrictions set to render content.

    Points to remember

    • If the global app configuration Allow JavaScript parameter is enabled, it overrides any settings made to the Allow script execution or Allow same origin parameters. This is the default behaviour. This ensures that scripts are executed and content is rendered.

    • Warning messages are displayed if restricted user/group tries to access a trusted space and the content is not rendered.

    Examples

    The following examples show how you can use the macro to render HTML content:

    HTML from an attachment

    {html:script=^example.html} {html}

    HTML from an URL

    {html:script=#http://localhost/example.html} {html}

    Use of CSS inline style sheet

    {html} <P style="font-size: x-large; color: #8000"> Using inline style sheets - or is that inline styles? </p> {html}

     

    Need support? Create a request with our support team.

    Copyright © 2005 - 2025 Appfire | All rights reserved.

    {"serverDuration": 14, "requestCorrelationId": "04a69457b6b24aea8598edee9eaea029"}