HTML Include Macro
Security considerations
HTML macros are disabled by default
The HTML macro will only be available if it has been enabled by an administrator. Enabling these macros can make your Confluence site vulnerable to cross-site scripting attacks.
Add this macro to your page
To add the HTML Include macro to a page:
- Choose HTML Include from the External content category.
- Enter the URL you want to display.
- Choose Insert.
You can then publish your page to see the macro in action.
Change the macro parameters
Here's a list of the parameters available in this macro.
Parameter | Required | Default | Description |
---|---|---|---|
HTML Page's URL(url ) | Yes | None | The URL of the page to include. |
Enabling the HTML Include Macro
The HTML Include macro is disabled by default. You'll need Confluence Administrator or System Administrator permissions to enable this macro.
Enabling these macros can make your Confluence site vulnerable to cross-site scripting attacks. You should only turn on these macros if you trust all your users not to attempt to exploit them. We strongly recommend leaving this macro disabled if you allow self-signed up or anonymous users to create content.
To enable the HTML Include macro:
Go to
- Select System from the drop down and search for the Confluence HTML Macros system app.
- Expand the listing and enable the html-include (html-include-xhtml) module.
Administrators can also choose to use the allowlist to restrict URLs that can be displayed in the HTML Include macro.
Troubleshooting
- Administrators can define an allowlist of trusted URLs. If a URL is not in the allowlist, you will see an error message in the HTML Include macro.
You can only use the HTML Include macro for pages with absolute links. If you use the macro to include an HTML page that has relative links, you will see a 'Page Not Found' error. See CONF-6567 - Getting issue details... STATUS .
Other ways to add this macro
Add this macro as you type
Add this macro using wiki markup
Macro name: html-include
Macro body: None.
{html-include:url=http://www.example.com}