Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-6801

With "Enable project-based security" on for workspace. non logged in users can view the html

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Minor Minor
    • htmlpublisher-plugin
    • None

      When project based security is on and only authorised users are able to view the workspace. the html plugin should only display the html link to users who are logged in and have workspace access.

      We use this plugin to display code coverage data (lcov) which contains source code.

      Can security please be intergrated with this plugin?

          [JENKINS-6801] With "Enable project-based security" on for workspace. non logged in users can view the html

          mcrooney added a comment -

          Hm, I imagined it is a report like Javadoc or JUnit, and I don't think those require security. However I can see where arbitrary html reports have the potential to be more sensitive. I don't actively work on this plugin anymore but I'd welcome a patch which added an option (off by default for compatibility) to require workspace permissions to view!

          mcrooney added a comment - Hm, I imagined it is a report like Javadoc or JUnit, and I don't think those require security. However I can see where arbitrary html reports have the potential to be more sensitive. I don't actively work on this plugin anymore but I'd welcome a patch which added an option (off by default for compatibility) to require workspace permissions to view!

            r2b2_nz Richard Bywater
            rajpra rajpra
            Votes:
            1 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated: