-
Improvement
-
Resolution: Fixed
-
Minor
eval call in textarea.js
Culprit
Proposal
https://www.jenkins.io/doc/developer/security/csp/#eval-calls
Testing
[JENKINS-71515] [core] CSP compatibility: eval call in textarea.js (codemirror-config)
Assignee | New: Yaroslav Afenkin [ yafenkin ] |
Description |
Original:
{{eval}} call in textarea.js
h4. Culprit [https://github.com/jenkinsci/jenkins/blob/19edf146946dd0e1b8ec5b909d002ffca53e8209/war/src/main/webapp/scripts/hudson-behavior.js#L1391] h4. Proposal [https://www.jenkins.io/doc/developer/security/csp/#eval-calls] h4. Testing [https://www.jenkins.io/doc/developer/security/csp/#testing] |
New:
{{eval}} call in textarea.js
h4. Culprit [https://github.com/jenkinsci/jenkins/blob/19edf146946dd0e1b8ec5b909d002ffca53e8209/core/src/main/resources/lib/form/textarea/textarea.js#L6] h4. Proposal [https://www.jenkins.io/doc/developer/security/csp/#eval-calls] h4. Testing [https://www.jenkins.io/doc/developer/security/csp/#testing] |
Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
Remote Link | New: This issue links to "jenkinsci/jenkins/pull/8351 (Web Link)" [ 28859 ] |
Status | Original: In Progress [ 3 ] | New: In Review [ 10005 ] |
Status | Original: In Review [ 10005 ] | New: In Progress [ 3 ] |
Status | Original: In Progress [ 3 ] | New: Open [ 1 ] |
Assignee | Original: Yaroslav Afenkin [ yafenkin ] |
Remote Link | New: This issue links to "jenkinsci/jenkins/pull/6867 (Web Link)" [ 28861 ] |
Summary | Original: [core] CSP compatibility: eval call in textarea.js | New: [core] CSP compatibility: eval call in textarea.js (codemirror-config) |