We would like to whitelist the following signatures:

      • staticMethod groovy.xml.XmlUtil escapeXml java.lang.String
      • new java.util.concurrent.LinkedBlockingQueue
      • method java.util.concurrent.BlockingQueue poll long java.util.concurrent.TimeUnit
      • staticField java.util.concurrent.TimeUnit MILLISECONDS
      • staticField java.util.concurrent.TimeUnit SECONDS
      • new java.util.TreeMap

      All of these signatures are utility classes and hence, it should be safe to whitelist them. 

          [JENKINS-64057] Whitelist XmlUtil and a few java.util scripts

          Anjan Das added a comment -

          Anjan Das added a comment - Link to the PR:  https://github.com/jenkinsci/script-security-plugin/pull/319

            dasanjan1296 Anjan Das
            dasanjan1296 Anjan Das
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: