This release resolves several important bugs and patches a few XSS vulnerabilities.

As you may have noticed we've been accelerating our updates. Don't worry, we won't be going the route of Firefox and Chrome as Gliffy 12 won't be coming out anytime soon... But we are working hard to make Gliffy as bug free and stable as possible. That means we'll be releasing more frequently as we get fixes into the product. With the UPM in Confluence, it's as easy as pressing "upgrade" to get the newest version of our plugin!

Here are the highlights:

  • A fix for weird shift key behavior in Chrome on Mac! (refer to this advisory)
  • A fix for two stored XSS vulnerabilities discovered when Gliffy works in the new Confluence 4 editor

Release Notes - Gliffy Confluence Plugin v4.0.2

  • [GLIFFY-2085] - Server side transcoding fails with broken image symbol
  • [GLIFFY-3741] - Ghost SHIFT key issue on Chrome 12 on MAC
  • [GLIFFY-4265] - Link Navigator when used with Gliffy in the Confluence RTE fails in "" context
  • [GLIFFY-4266] - Alignment options in Confluence stand alone editor do nothing
  • [GLIFFY-4280] - Print to PDF does not work in Confluence
  • [GLIFFY-4281] - Do not allow diagrams names with leading whitespace
  • [GLIFFY-4286] - Apache FileUpload and Flash
  • [GLIFFY-4295] - Javascript Error with Gliffy in Confluence 4 Editor
  • [GLIFFY-4303] - Error Rendering Gliffy Macro in Confluence 3.5
  • [GLIFFY-4305] - Link Navigator Does not Revert back to Old Navigator when Rest API is disabled
  • [GLIFFY-4306] - Pages/Attachments with single Quotes can't be linked to
  • [GLIFFY-4307] - Delay initialization of the JAXB context until requesting a Template
  • [GLIFFY-4312] - Edit button in Attachments view doesn't work
  • [GLIFFY-4313] - After launching Editor from Attachment back, Back to Confluence link is incorrect
  • [GLIFFY-4314] - More Property Panel in Confluence 4.0 needs better validation
  • [GLIFFY-4317] - Diagrams in Gliffy sandbox render as "Gliffy Macro Error" if you are viewing as an anonymous user
  • [GLIFFY-4321] - Confluence 4 - Autosaves made on Confluence Draft Pages are Unrecoverable
  • [GLIFFY-4329] - Page Images - Attachment Page Link is Broken
  • [GLIFFY-4330] - Can't use images when confluence page is a draft
  • [GLIFFY-4331] - Attachment request broken on Confluence draft page
  • [GLIFFY-4334] - Confluence space name is rendered unescaped by Gliffy dialog (stored XSS vuln)
  • [GLIFFY-4335] - Gliffy diagram filename is rendered unescaped by Gliffy dialog (stored XSS vuln)
  • [GLIFFY-4342] - When using an invalid upgrade and you attempt to edit a Gliffy diagram in the RTE, no error occurs and the RTE becomes unstable
  • [GLIFFY-4338] - Add i18n keys for macro exceptions