Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-5889

Console Output does not escape output

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Major Major
    • core
    • None
    • OS X; firefox; latest hudson download as of March 9, 2010

      When the console output of a build prints out html metacharacters, they are not escaped when printed to the page, resulting in a messed up display at best, xss vulnerability at worst.

      Steps:
      1. Configure a job that runs some build
      2. Make sure that build prints out some html or xml (eg from unit test logs) or just anything with <s and >s
      3. Run the build, observe the console output

          [JENKINS-5889] Console Output does not escape output

          jeremyhuiskamp created issue -
          Andrew Bayer made changes -
          Link New: This issue duplicates JENKINS-5852 [ JENKINS-5852 ]
          Andrew Bayer made changes -
          Resolution New: Duplicate [ 3 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]
          Andrew Bayer made changes -
          Status Original: Resolved [ 5 ] New: Closed [ 6 ]
          Jenkins IRC Bot made changes -
          Component/s New: core [ 15593 ]
          Component/s Original: gui [ 15492 ]
          R. Tyler Croy made changes -
          Workflow Original: JNJira [ 135981 ] New: JNJira + In-Review [ 203787 ]

            Unassigned Unassigned
            jeremyhuiskamp jeremyhuiskamp
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: