Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-70529

[ldap] Un-inlining ldap/validate.jelly for CSP compatibility

XMLWordPrintable

      Level easy
      Skills a bit of JavaScript, a bit of Jelly

      Culprit:
      (1) - validation/validate.jelly#L58
      (2) - validation/validate.jelly#L71
      (3) - validation/validate.jelly#L83-L99

      Reproduction steps:

      • Install LDAP or clone https://github.com/jenkinsci/ldap-plugin and then mvn hpi:run
      • Go to Manage Jenkins > Configure Global Security
      • In the "Security Realm" section, select "LDAP"
      • Click on "Test LDAP settings" (1)
      • Click on "Test" (2)

      Screenshot attached about where the feature is displayed.

      Proposal
      https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers
      https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks

      Testing notes

      • Ensure to reproduce the feature before any change
      • Ensure that you reproduce the feature after you have made the change

        1. 1.png
          1.png
          42 kB
        2. 2.png
          2.png
          19 kB
        3. 3.png
          3.png
          59 kB

            neetigyapod Neetigya
            kevingrdj Kevin Guerroudj
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: