Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-64057

Whitelist XmlUtil and a few java.util scripts

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      We would like to whitelist the following signatures:

      • staticMethod groovy.xml.XmlUtil escapeXml java.lang.String
      • new java.util.concurrent.LinkedBlockingQueue
      • method java.util.concurrent.BlockingQueue poll long java.util.concurrent.TimeUnit
      • staticField java.util.concurrent.TimeUnit MILLISECONDS
      • staticField java.util.concurrent.TimeUnit SECONDS
      • new java.util.TreeMap

      All of these signatures are utility classes and hence, it should be safe to whitelist them. 

        Attachments

          Activity

          Show
          dasanjan1296 Anjan Das added a comment - Link to the PR:  https://github.com/jenkinsci/script-security-plugin/pull/319

            People

            Assignee:
            dasanjan1296 Anjan Das
            Reporter:
            dasanjan1296 Anjan Das
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: