Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-42902

HTML in description is always escaped

    XMLWordPrintable

Details

    Description

      HTMLs in the description is no longer displayed without escaping for SECURITY-353.

      To fix:

      • use `ParameterDefinition#getFormattedDescription` introduced in Jenkins-1.521.
        • 1.532 is the least LTS.
      • Set `escapeEntryTitleAndDescription` to false.

      It might be useful if itroducing the previewing feature like this:

          <f:textarea name="parameter.description" value="${instance.description}" codemirror-mode="${app.markupFormatter.codeMirrorMode}" codemirror-config="${app.markupFormatter.codeMirrorConfig}" previewEndpoint="/markupFormatter/previewDescription" />
      
      • This is introduced since Jenkins-1.554.

      Attachments

        Issue Links

          Activity

            ikedam ikedam created issue -
            ikedam ikedam made changes -
            Field Original Value New Value
            Issue Type Improvement [ 4 ] Bug [ 1 ]
            ikedam ikedam made changes -
            Link This issue is related to JENKINS-43381 [ JENKINS-43381 ]
            scm_issue_link SCM/JIRA link daemon made changes -
            Resolution Fixed [ 1 ]
            Status Open [ 1 ] Resolved [ 5 ]
            ikedam ikedam made changes -
            Status Resolved [ 5 ] Closed [ 6 ]

            People

              ikedam ikedam
              ikedam ikedam
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: