Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-39618

HTML in portlet 'Display Name' not rendered in versions more recent than 2.9.7

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Minor
    • Resolution: Unresolved
    • Component/s: dashboard-view-plugin
    • Labels:
      None
    • Environment:
      Jenkins 1.596.2 or Jenkins 2.19.2 Dashboard View Plugin v2.9.10
    • Similar Issues:

      Description

      Dashboard View Plugin v2.9.10: Does not render HTML in 'Display Name' section
      This was very helpful to customize the portlets. Plugin versions up to v2.9.7 correctly render the HTML.

        Attachments

          Activity

          ioannis Ioannis Moutsatsos created issue -
          Hide
          tgr Tobias Gruetzmacher added a comment -

          This was probably broken by https://github.com/jenkinsci/dashboard-view-plugin/commit/0855c2c4c853df0def0846f5bf966d56d973685f - Need to evaluate if we can safely disable escaping for this field. Probably not, since that would allow users to mount XSS attacks against other users...

          Show
          tgr Tobias Gruetzmacher added a comment - This was probably broken by https://github.com/jenkinsci/dashboard-view-plugin/commit/0855c2c4c853df0def0846f5bf966d56d973685f - Need to evaluate if we can safely disable escaping for this field. Probably not, since that would allow users to mount XSS attacks against other users...
          tgr Tobias Gruetzmacher made changes -
          Field Original Value New Value
          Assignee Evan Van Dyke [ vandyev ] Tobias Gruetzmacher [ tgr ]
          Hide
          ioannis Ioannis Moutsatsos added a comment -

          That is rather unfortunate! It was a really useful feature and I was using it a lot. Any other ideas whether we can enhance the display name tabs? Till then I may have to stick to v2.9.7.

          Thanks and best regards

          Show
          ioannis Ioannis Moutsatsos added a comment - That is rather unfortunate! It was a really useful feature and I was using it a lot. Any other ideas whether we can enhance the display name tabs? Till then I may have to stick to v2.9.7. Thanks and best regards
          tgr Tobias Gruetzmacher made changes -
          Component/s rich-text-publisher-plugin [ 17662 ]
          Hide
          tgr Tobias Gruetzmacher added a comment - - edited

          Ioannis Moutsatsos This bug is probably in the rich-text-publisher-plugin, there is nothing I can do in the dashboard-view-plugin. Ah, I see now, it's about the portlet titles. I think the functionality can be partially restored by passing the text through the configured markup sanitizer...

          Show
          tgr Tobias Gruetzmacher added a comment - - edited Ioannis Moutsatsos This bug is probably in the rich-text-publisher-plugin, there is nothing I can do in the dashboard-view-plugin. Ah, I see now, it's about the portlet titles. I think the functionality can be partially restored by passing the text through the configured markup sanitizer...
          tgr Tobias Gruetzmacher made changes -
          Component/s rich-text-publisher-plugin [ 17662 ]

            People

            Assignee:
            tgr Tobias Gruetzmacher
            Reporter:
            ioannis Ioannis Moutsatsos
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated: