Since 1.3.0, Gatling reports are always served as ZIP file. This is absolutely inconveniant. I suppose the decision was necessary to quickly fix the XSS vulnerability, but there is certainly a better solution than this.  Maybe just like the HTML publisher plugin does (https://wiki.jenkins.io/display/JENKINS/Configuring+Content+Security+Policy).

I can also imagine a security switch for enabling the old behavior. We are using Jenkins within our intranet with low security constraints, so we don't fear XSS attacks.