Bugfix release with one security fix.
Today we released version 4.13.3 of the projectdoc Toolbox.
This is release provides a collection of bug fixes, including one security fix.
The projectdoc Toolbox is an add-on for Confluence supporting agile software development teams to collaborate on process, project, system, and product documentation.
If you want to learn more about the projectdoc Toolbox and how it helps to create good project documentation, please refer to the introduction video!
The following image is a link to a video on YouTube. When you click the link your browser will serve a page from youtube.com.
Very interesting, but way too fast?
Step through at your own pace with with our Prezi Presentation (external link to prezi.com )!
In the Online Manual you’ll find additional video material that introduces you in the concepts of the projectdoc Toolbox.
Refer to use cases and show cases for information on how to use the projectdoc Toolbox.
List of Changes
The following changes are part of the latest projectdoc Toolbox for Confluence.
| Key | Summary | T | P | Description |
|---|---|---|---|---|
| PDAC-1504 | Encoding Issues with Quote External Macro |
|
|
Parameters are not fully encoded when the Quote External Macro is rendered. This is an security issue if the attacker has write privileges on pages. |
| PDAC-1505 | Render Error on Invalid Protocol for Quote External Macro |
|
|
In case an URL with an invalid protocol is used by the External Quote macro then this URL is silently ignored and no link is rendered. Instead an error box should be rendered by the macro to signal clearly that the protocol is wrong. |
| PDAC-1499 | Render specific Error Message on missing Document |
|
|
In case the documents of the Code Macro is not specified, then a specific error message should be rendered. |
| PDAC-1506 | Tour by Property Macro fails on empty Name List in Debug Mode |
|
|
If debug mode is activate then the Tour-by-Property Macro reports text from the Name List Macros as missing items. Instead it should simple render no hits. |
| PDAC-1503 | Render Macro Error Message in Error Box |
|
|
The message is currently styled as information on Confluence 7.x. |
| PDAC-1502 | Render Protocol Error not to Log |
|
|
The Link External Macro logs invalid protocols to the server's error log. It should only be displayed in the user's UI. |
| PDAC-1501 | Fix I18N for Code Macro |
|
|
Macro fails to access resource bundle with the correct keys. The keys used are provided by the InfoSys extension. If this extension is not deployed, the resources are missing. The keys must be altered to point to resources in the Toolbox's bundle. |
| PDAC-1498 | Fix Encoding of Code Macro Content |
|
|
The code content of the Code Macro must not be encoded. |