Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-62949

HyperLinkNote does not escape single quote char

    XMLWordPrintable

    Details

    • Similar Issues:
    • Released As:
      Jenkins 2.245, Jenkins 2.235.2

      Description

      Currently the Jenkins allows single quotes(') in job names.
      So if an upstream job triggers downstream jobs(having single quotes), (multijob, trigger another job or paramterized builds), console log rendering HyperLinkNote of jobs has correct text but href value redirects to incomplete job URL.

      For that I created below PR and tested successfully:

      https://github.com/jenkinsci/jenkins/pull/4758

      How it can be merged?

        Attachments

          Activity

          abmaster AB S created issue -
          abmaster AB S made changes -
          Field Original Value New Value
          Description Currently the Jenkins allows single quotes(') in job names.
          So if an upstream job triggers downstream jobs(having single quotes), (multijob, trigger another job or paramterized builds), console log rendering HyperLinkNote of jobs has correct text but href value redirects to incomplete job URL.

          For that below PR is created and tested successfully:

          [https://github.com/jenkinsci/jenkins/pull/4758]

          How it can be merged?
          Currently the Jenkins allows single quotes(') in job names.
           So if an upstream job triggers downstream jobs(having single quotes), (multijob, trigger another job or paramterized builds), console log rendering HyperLinkNote of jobs has correct text but href value redirects to incomplete job URL.

          For that I created below PR and tested successfully:

          [https://github.com/jenkinsci/jenkins/pull/4758]

          How it can be merged?
          oleg_nenashev Oleg Nenashev made changes -
          Remote Link This issue links to "https://github.com/jenkinsci/jenkins/pull/4758 (Web Link)" [ 25313 ]
          oleg_nenashev Oleg Nenashev made changes -
          Status Open [ 1 ] In Progress [ 3 ]
          oleg_nenashev Oleg Nenashev made changes -
          Status In Progress [ 3 ] In Review [ 10005 ]
          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          This fix was released in Jenkins 2.245 and Jenkins 2.235.2

          Related security advisory: https://www.jenkins.io/security/advisory/2020-07-15/#SECURITY-1945

          Show
          oleg_nenashev Oleg Nenashev added a comment - This fix was released in Jenkins 2.245 and Jenkins 2.235.2 Related security advisory:  https://www.jenkins.io/security/advisory/2020-07-15/#SECURITY-1945
          oleg_nenashev Oleg Nenashev made changes -
          Released As Jenkins 2.245, Jenkins 2.235.2
          Resolution Fixed [ 1 ]
          Status In Review [ 10005 ] Resolved [ 5 ]
          oleg_nenashev Oleg Nenashev made changes -
          Labels security

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            abmaster AB S
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: