Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-62072

The Badge Plugins is no longer displaying color text anywhere addHtmlBadge & createSummary

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Not A Defect
    • Icon: Minor Minor
    • badge-plugin
    • None

       

      // code placeholder

      def WhatText = "hello" 

      def mycolor = "blue"

      addHtmlBadge html: "<font color='${mycolor}'>${WhatText}</font><br>", id: "blue" createSummary('orange-square.gif').appendText("<h2><font color='${mycolor}'>${WhatText}</font></h2>")

       

       all the test will be in black and white

       I am not exactly sure what version broken this . it was some version in the past month or so.

       I really miss this features as it help figure out what is wrong.

          [JENKINS-62072] The Badge Plugins is no longer displaying color text anywhere addHtmlBadge & createSummary

          Marc Brugger added a comment -

          Hi Steven

          The functionality is still available, but it has to be enabled in the jenkins configuration. 
          Use 'Disable OWASP Markup Formatter' to enable html rendering.

          I had to enable the OWASP Formatter to prevent vulnerabilities introduced by html injection.

           

          If html formatting is desired, the feature hast do be actively disabled by the user.

           

          Best Regards,

          Marc

          Marc Brugger added a comment - Hi Steven The functionality is still available, but it has to be enabled in the jenkins configuration.  Use 'Disable OWASP Markup Formatter' to enable html rendering. I had to enable the OWASP Formatter to prevent vulnerabilities introduced by html injection.   If html formatting is desired, the feature hast do be actively disabled by the user.   Best Regards, Marc

          Steven Fransen added a comment - - edited

          i see 5 different plugins that are OWASAP 

          OWASP Dependency-Check

          Official OWASP ZAP

          ZAP Pipeline

          OWASP ZAP

          OWASP Dependency-Track

           can you help me a little bit more I do not understand what you are asking me to do 

          they all look like Proxy  and such

           how do I disable this feature?

           Thanks

          Steven Fransen

           never mind I found the answer no plugin required just in  Jenkins 

           Configure System  in the Badge Plugin Section 

           just check the Disabled OWASP Mark Formatter

           it would have been nice if in the released notes

          Steven Fransen added a comment - - edited i see 5 different plugins that are OWASAP  OWASP Dependency-Check Official OWASP ZAP ZAP Pipeline OWASP ZAP OWASP Dependency-Track  can you help me a little bit more I do not understand what you are asking me to do  they all look like Proxy  and such  how do I disable this feature?  Thanks Steven Fransen  never mind I found the answer no plugin required just in  Jenkins   Configure System  in the Badge Plugin Section   just check the Disabled OWASP Mark Formatter  it would have been nice if in the released notes

          Marc Brugger added a comment -

          This Change was introduced in version 1.5 https://github.com/jenkinsci/badge-plugin/blob/master/CHANGELOG.md 
          The change was triggered by the Jenkins Security Advisory https://www.jenkins.io/security/advisory/2018-06-25/#SECURITY-906 which gave to requirement, to prevent cross-site scripting.

          In version 1.8 I added the possibility to disable the Formatter in case the user wanted to have this feature.

          I will add a section to the readme about the config

          Marc Brugger added a comment - This Change was introduced in version 1.5  https://github.com/jenkinsci/badge-plugin/blob/master/CHANGELOG.md   The change was triggered by the Jenkins Security Advisory  https://www.jenkins.io/security/advisory/2018-06-25/#SECURITY-906  which gave to requirement, to prevent cross-site scripting. In version 1.8 I added the possibility to disable the Formatter in case the user wanted to have this feature. I will add a section to the readme about the config

            bakito Marc Brugger
            rentahippie Steven Fransen
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: