HoriZZon View for Confluence

Making sharing of HoriZZon content in Confluence easy and secure

The documentation below refers to the cloud version of Horizzon view for Confluence. The same features are available in the Server/Data Center version, with the same features but with slight visual variations.

Introduction

HoriZZon View for Confluence is an app (plug-in) for Atlassian Confluence to streamline and secure the process of sharing content published in BiZZdesign's HoriZZon portal in Confluence. The primary advantages of the app are:

  • Enabling a fullscreen view of the shared HoriZZon view on Confluence. This introduces streamlined navigation not available when using the HTML-include-macro approach.
  • No need to utilise the HTML-include-macro which can make your Confluence site vulnerable to cross-site scripting attacks (see Security considerations section on the HTML-include-macro page for details).
  • Increased sharing security as the actual url is not visible anywhere in the Confluence UI, hence eliminating unintential sharing of the url to 3rd parties that normally should not have access to the contents.

The HoriZZon View for Confluence app is available through the Atlassian Marketplace.

To get started go through the following content:

Usage: Configuration

In order to use the HoriZZon View app to share HoriZZon content you first need to configure the app. You will need administrator right in order to perform the needed configuration. However, before going to Confluence you will need to figure out your HoriZZon host FQDN. The easiest way to do this is to enable sharing in your HoriZZon instance and click the Share button in published view in a site made shareable in HoriZZon.

In the Share view popup click on the Confluence button in the Embedded view section.

The host FQDN will be visible in the url of the HTML-code (which has been highlighted in the above screenshot). Make a note of the host FQDN as you'll need in the next step.

Log into Confluence with a user that has administrator privileges and navigate to Confluence Administration. In the left hand side menu under Apps you will find a menu item called HoriZZon View Admin which leads to a configuration screen as shown above.

Insert the host FQDN (only the host name, any prefix like http:// or trailing / will not pass validation) you made a note of and press the Save button.

Usage: Inserting a view

To share content published and made shareable in HoriZZon you will use the View key, the View key is a string of characters that identify the view to show. In order to fetch the View key you'll need to first navigate to the view you want to share and click the Share button.

In the Share view popup click on the Confluence button in the Embedded view section.

The view key will be visible in the url of the HTML-code (which has been highlighted in the above screenshot). Make a note of the view key as you'll need in the next step.

In Confluence navigate to the page you wish to insert the shared view into. Press the Edit button to edit the page.

In editing mode move the cursor to the position where you want to add the HoriZZon view and click on Insert Elements / dropdaown and start typing in Horizzonview in the searchfield and select Horizzon view.

In the macro configuration view you now need to insert the view key you copied from the Share view on Confluence popup in HoriZZon. You can also configure the size of the view from the size dropdown as well as the aspect ratio from the aspect dropdown. The preview will update as you are configuring. Save your page.

Once you save your page the view will be rendered on the page. In order to enable reasonable navigation of the Confluence page any interactions (for instance scrolling or navigating to HoriZZon) with the view are disabled. However, interactions are available in the fullscreen view.

The fullscreen view can be activated by pressing the button in the upper right corner.

The fullscreen view can be interacted with (zoom and panning). The view can be closed by pressing the close button in the upper right corner or by pressing outside the fullscreen view.

Security feature

The app will sanitize any given input parameters to mitigate injection exploits.

In this example malicious html is injected to the view key parameter.