Last active
April 24, 2022 15:58
-
-
Save silkentrance/c5be7e72a1a55b9a44878d13f33df922 to your computer and use it in GitHub Desktop.
Confluence: View PDF Attachments inline instead of downloading them
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Locate your confluence server deployment root, e.g. ``/foo/atlassian/confluence/7.x.x`` | |
```bash | |
> cd /foo/atlassian/confluence/7.x.x | |
``` | |
Under ``confluence/WEB-INF/classes/com/atlassian``, create the following folder structure: ``http/mime``, | |
resulting in ``confluence/WEB-INF/classes/com/atlassian/http/mime``, e.g. | |
```bash | |
> mkdir -p confluence/WEB-INF/classes/com/atlassian/http/mime | |
``` | |
Now, copy the hostile-attachments-config.properties to the newly created folder. | |
The only difference here is that ``application/pdf`` was moved from ``executable.mime.types`` | |
to ``safe.file.mime.types``. | |
(Note that this file was taken from ``confluence/lib/atlassian-http-2.0.8.jar``.) | |
Restart your confluence service and all PDFs should now be displayed inline, | |
utilizing the built-in PDF viewer of the browser. | |
Be warned that this might pose a security risk for your users. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This file configures the HostileAttachmentsHelper class which is responsible for determining whether a file of a | |
# given Content-Type or with a given file extension could be interpeted by the browser or one of its common plugins | |
# as an executable content type which runs code that can access the browser DOM and cookies etc. | |
# | |
# Examples of such content include JavaScript in HTML files and Flash content run by the Flash and Shockwave/Flash plugins. | |
# | |
# The format of this file is that the right side of the equals sign must contain a whitespace separated list of case-insensitive terms. | |
# | |
# Set this property to the list of file extensions that are known to connote content types that execute with access | |
# to the browser (like cookies and DOM) | |
# | |
executable.file.extensions = .htm .html .xhtml .shtml .xml .svg .swf .cab .flv .f4v .f4p .f4a .f4b | |
# This property denotes a set of extensions that are considered text based. | |
text.file.extensions = .txt | |
# This property denotes a set of MIME types that are considered text types. | |
text.file.mime.types = text/plain | |
# Set this property to the list of MIME Content-Types that will be handled by an in-browser runtime that has access to | |
# the browser (like cookies and DOM) | |
# | |
executable.mime.types = text/html text/html-sandboxed text/xhtml application/xhtml+xml \ | |
text/xml application/xml text/xml-external-parsed-entity application/xml-external-parsed-entity application/xml-dtd \ | |
application/x-shockwave-flash image/svg+xml image/svg-xml application/futuresplash application/x-cab video/x-flv \ | |
application/octet-stream message/rfc822 text/vnd.wap.wml application/atom+xml text/webviewhtml application/rdf+xml \ | |
application/mathml+xml multipart/x-mixed-replace application/vnd.wap.xhtml+xml text/rdf text/xsl text/vtt | |
safe.file.mime.types = application/pdf audio/32kadpcm audio/3gpp audio/amr audio/amr-wb \ | |
audio/annodex audio/basic audio/csound audio/flac audio/g.722.1 audio/l16 \ | |
audio/midi audio/mp4a-latm audio/mpa-robust audio/mpeg audio/mpegurl \ | |
audio/ogg audio/parityfec audio/prs.sid audio/telephone-event audio/tone \ | |
audio/vnd.cisco.nse audio/vnd.cns.anp1 audio/vnd.cns.inf1 audio/vnd.digital-winds \ | |
audio/vnd.everad.plj audio/vnd.lucent.voice audio/vnd.nortel.vbk \ | |
audio/vnd.nuera.ecelp4800 audio/vnd.nuera.ecelp7470 audio/vnd.nuera.ecelp9600 \ | |
audio/vnd.octel.sbc audio/vnd.qcelp audio/vnd.rhetorex.32kadpcm \ | |
audio/vnd.vmx.cvsd audio/x-aiff audio/x-gsm audio/x-mpegurl audio/x-ms-wma \ | |
audio/x-ms-wax audio/x-pn-realaudio-plugin audio/x-pn-realaudio \ | |
audio/x-realaudio audio/x-scpls audio/x-sd2 audio/x-wav audio/vorbis \ | |
image/cgm image/g3fax image/gif image/ief image/jp2 image/jpeg image/jpm \ | |
image/jpx image/naplps image/pcx image/png image/prs.btif image/prs.pti \ | |
image/tiff image/vnd.cns.inf2 image/vnd.djvu image/vnd.dwg image/vnd.dxf \ | |
image/vnd.fastbidsheet image/vnd.fpx image/vnd.fst \ | |
image/vnd.fujixerox.edmics-mmr image/vnd.fujixerox.edmics-rlc \ | |
image/vnd.microsoft.icon image/vnd.mix image/vnd.net-fpx image/vnd.svf \ | |
image/vnd.wap.wbmp image/vnd.xiff image/x-canon-cr2 image/x-canon-crw \ | |
image/x-cmu-raster image/x-coreldraw image/x-coreldrawpattern \ | |
image/x-coreldrawtemplate image/x-corelphotopaint image/x-epson-erf \ | |
image/x-icon image/x-jg image/x-jng image/x-ms-bmp image/x-nikon-nef \ | |
image/x-olympus-orf image/x-photoshop image/x-portable-anymap \ | |
image/x-portable-bitmap image/x-portable-graymap image/x-portable-pixmap \ | |
image/x-rgb image/x-xbitmap image/x-xpixmap image/x-xwindowdump \ | |
video/3gpp video/annodex video/dl video/dv video/fli \ | |
video/gl video/mpeg video/MP2T video/mp4 video/quicktime video/mp4v-es video/ogg \ | |
video/parityfec video/pointer video/webm video/vnd.fvt video/vnd.motorola.video \ | |
video/vnd.motorola.videop video/vnd.mpegurl video/vnd.mts \ | |
video/vnd.nokia.interleaved-multimedia video/vnd.vivo video/x-la-asf \ | |
video/x-mng video/x-ms-asf video/x-ms-wm video/x-ms-wmv video/x-ms-wmx \ | |
video/x-ms-wvx video/x-msvideo video/x-sgi-movie video/x-matroska video/hevc \ | |
video/avc video/x-vnd.on2.vp8 video/x-vnd.on2.vp9 \ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment