Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-6801

With "Enable project-based security" on for workspace. non logged in users can view the html

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      When project based security is on and only authorised users are able to view the workspace. the html plugin should only display the html link to users who are logged in and have workspace access.

      We use this plugin to display code coverage data (lcov) which contains source code.

      Can security please be intergrated with this plugin?

        Attachments

          Activity

          Hide
          mcrooney mcrooney added a comment -

          Hm, I imagined it is a report like Javadoc or JUnit, and I don't think those require security. However I can see where arbitrary html reports have the potential to be more sensitive. I don't actively work on this plugin anymore but I'd welcome a patch which added an option (off by default for compatibility) to require workspace permissions to view!

          Show
          mcrooney mcrooney added a comment - Hm, I imagined it is a report like Javadoc or JUnit, and I don't think those require security. However I can see where arbitrary html reports have the potential to be more sensitive. I don't actively work on this plugin anymore but I'd welcome a patch which added an option (off by default for compatibility) to require workspace permissions to view!

            People

            Assignee:
            r2b2_nz Richard Bywater
            Reporter:
            rajpra rajpra
            Votes:
            1 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated: