Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-69862

[git] checkUrl usage GitPublisher/config.jelly

XMLWordPrintable

    • git-4.13.0

      Level easy
      Skills a bit of JavaScript, a bit of Jelly

      Culprit:

      Reproduction steps:

      • Install Git or clone https://github.com/jenkinsci/git-plugin and then mvn hpi:run
      • Create a freestyle project
      • Add a "Git Publisher" post-build step
      • Click on "Add Tag" or "Add Branch" or "Add Note" (all three are affected)
      • When adding content to their field you should send a POST request with your input as an argument

      Screenshot attached about where the feature is displayed.

      Proposal
      https://www.jenkins.io/doc/developer/security/csp/#legacy-javascript-checkurl-validation

      Testing notes

      • Ensure to reproduce the feature before any change
      • Ensure that you reproduce the feature after you have made the change

        1. CheckUrl.png
          36 kB
          Kevin Guerroudj

            aneveux Antoine Neveux
            kevingrdj Kevin Guerroudj
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: