How Whitelisting and Blacklisting work
Whitelist:
The whitelisting feature only controls which URL can be iframed into Confluence. The Iframes for Confluence macro can’t restrict where code, such as JavaScript, will reach out to since this is based entirely on the behavior of the end user’s browser which the macro cannot control.
Blacklist:
The blacklisting feature on Iframes for Confluence is designed to complement the whitelisting feature by controlling and restricting specific URLs or domains from being iframed into Confluence. Unlike the Whitelisting Feature, which specifies allowed sources, blacklisting enables administrators to explicitly deny certain sources, enhancing control over content integration.
How to configure it
Select the Filter Mode and follow the steps below:
Add the IP/Domain pattern that you’d like to allow/deny access from the Iframes for Confluence macro;
Hit “Add”, this will add the Domain Pattern/IP into the “Added patterns” list;
Hit “Save”, this will save the changes to the configuration and will apply it to all the Iframes for Confluence macros.