[ldap] Un-inlining ldap/validate.jelly for CSP compatibility

This issue is archived. You can view it, but you can't modify it. Learn more

XMLWordPrintable

      Level easy
      Skills a bit of JavaScript, a bit of Jelly

      Culprit:
      (1) - validation/validate.jelly#L58
      (2) - validation/validate.jelly#L71
      (3) - validation/validate.jelly#L83-L99

      Reproduction steps:

      • Install LDAP or clone https://github.com/jenkinsci/ldap-plugin and then mvn hpi:run
      • Go to Manage Jenkins > Configure Global Security
      • In the "Security Realm" section, select "LDAP"
      • Click on "Test LDAP settings" (1)
      • Click on "Test" (2)

      Screenshot attached about where the feature is displayed.

      Proposal
      https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers
      https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks

      Testing notes

      • Ensure to reproduce the feature before any change
      • Ensure that you reproduce the feature after you have made the change

        1. 1.png
          42 kB
          Kevin Guerroudj
        2. 2.png
          19 kB
          Kevin Guerroudj
        3. 3.png
          59 kB
          Kevin Guerroudj

            Assignee:
            Neetigya
            Reporter:
            Kevin Guerroudj
            Archiver:
            Jenkins Service Account

              Created:
              Updated:
              Resolved:
              Archived: