
Build Failure Analyzer: output of tests not escaped on build results page

      We had the 'Treat failed test cases' checkbox enabled and so test outputs are written on the build page.
      In one of those cases the test output contained HTML source - which wasn't escaped and so was used as part of the page DOM.
      As this was an overlay blocking the whole page, this was kind of annoying.

      I've now updated to 1.17.0, but it's still not better for the existing builds.

          [JENKINS-37891] Build Failure Analyzer: output of tests not escaped on build results page

          kutzi created issue -
          kutzi made changes -
          Environment Original: Jenkins ver. 1.625.2
          Build Failure Analyzer 1.13.3
          New: Jenkins ver. 1.651.1
          Build Failure Analyzer 1.15.0
          kutzi made changes -
          Labels Original: jenkins plugins New: plugins
          kutzi made changes -
          Description Original: As you hover over the right-side of "Indication_1", a down-arrow appears. If you click on the arrow, a contextMenu XHR request fires in the background. Unfortunately, they all seem to fail with a 404 "not found" response.

          Error message on Web debugger console: prototype.js:1585 POST http://jenkins/job/job_name/build_number/consoleFull/contextMenu 404 (Not Found)

          I believe it is because of an invalid URL for contextMenu: consoleFull/contextMenu.
          Context menus for others work with JSON; however, consoleFull/contextMenu just redirects to the build page, and it is also hard to expect any contextMenu from console output.

          Just in case it has probably been caused by an old version of the plug-in, please let me know. Otherwise, I recommend that the URL for the down-arrow menu be modified for a proper purpose, for example a selection of highlighted (claimed) lines for the build log indication.
          New: We had the 'Treat failed test cases' checkbox enabled and so test outputs are written on the build page.
          In one of those cases the test output contained HTML source - which wasn't escaped and so was used as part of the page DOM.
          As this was an overlay blocking the whole page, this was kind of annoying.

          I've now updated to 1.17.0, but it's still not better for the existing builds.

            t_westling Tomas Westling
            kutzi kutzi