Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Widget connector and privacy?

Henrik Mikkelsen
Henrik Mikkelsen
Contributor
November 7, 2022

I've recently learned that the widget connector has a lively communication before the user interacts with it. For example YouTube it calls:

GET:

  • Youtube.com
  • google.com
  • static.doubleclick.net

POST:

  • jnn-pa.googleapis.com
  • play.google.com
  • YouTube.com

Does anyone know

  1. Do I need to be concerned about the privacy of my users?
  2. What information it sends (to YouTube it's a long  key)?
  3. How to disable it if it sends private information?

 

 

Answer
Watch
Like Be the first to like this
664 views

1 answer

1 accepted

0 votes
Answer accepted
Brant Schroeder
Brant Schroeder
Community Champion
March 9, 2023

@Henrik Mikkelsen the connector would not be sending information.  Any information would be collected by the media item that you inserted.  For instance, if you had a YouTube video whatever YouTube collects through embedded videos would apply to you.  The only way to disable it would be not to use it.  Each company explains what they collect and if you need to be concerned it would depend on your own policies.  

View More Comments
Henrik Mikkelsen
Henrik Mikkelsen
Contributor
March 9, 2023

Hi Brant,

Thanks for the answer. If it's not sending information why does it POST to youtube, doubleclick and google?

In the example of Youtube: When you, as editor, inserts the widget it communicates with Youtube. That's understandable - how else would it get the thumbnail and so forth. No problem.

But when I consume the page as a reader it seems to also send some information to youtube, google and doubleclick for just "showing" it on the page (the POST in OP). Before I, as reader, interacts with the widget. Even if its hidden on another tabsheet in confluence. The reader is totally unaware that he´s sharing information with outside partys. It's OK that it is interacting with youtube if the reader clicks on it. But this is with no interaction whatsoever.

And to make it even more fun. You can't disable the "feature" in Confluence. If you do you will have severe side-effects (the link disappears for the editor).

So - I've reached the same conclusion as you suggest. To not use it and constantly scan my confluence-sites for editors inadvertently using it. I just wish that Confluence would not automatically change my link to a widget that seems to be leaking information.

Like
Brant Schroeder
Brant Schroeder
Community Champion
March 9, 2023

Is all the macro is doing is embedding the youtube video on the page.  Just as you would if you used the embed from the youtube video.  Thus the embedded code is pulling the information and posting it back.  So if you use youtube it will post the same information that an embedded youtube video would or if you are using another video it will post back the same information.  Google has it's own JavaScript that runs and it is not Atlassian.  As far as disabling it you cannot disable it either when you embed a youtube video either. 

Like
Henrik Mikkelsen
Henrik Mikkelsen
Contributor
March 9, 2023

OK, I think I understand what you are saying. When you embed a youtube video it will post to youtube. And that's not Atlassians fault - that's just the way embedding Youtube works.

That's OK. Then it should be a macro you, as editor, could choose. And I, as admin, could disable. As it's working now when I write a link to, for example, Youtube it autocorrects it to use the widget. And I, as admin, can't disable the autocorrect. Or the widget macro. That's what I meant with disabling.

But thanks for your insight. I will go ahead and accept your answer.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
SERVER
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.