• Type: Task
• Resolution: Fixed
• Priority: Minor
• Component/s: github-plugin
• Labels:

  • newbie-friendly

1. 

   doCheckHookRegistered.png

   32 kB

   2024-03-08 17:04

2. 

   inlineJS.png

   60 kB

   2024-03-08 17:04

[JENKINS-72788] [github] Un-inlining JS in GitHubPushTrigger/config.groovy

Yaroslav Afenkin created issue - 2024-02-29 12:16

Kevin Guerroudj made changes - 2024-03-08 16:39

Summary

Original: [giithub] Un-inlining JS in GitHubPushTrigger/config.groovy

New: [github] Un-inlining JS in GitHubPushTrigger/config.groovy

Kevin Guerroudj made changes - 2024-03-08 17:04

Description	Original: [https://github.com/jenkinsci/github-plugin/blob/bda9cc0c37dc557d9a1e6e2cbd1684eee205c25d/src/main/resources/com/cloudbees/jenkins/GitHubPushTrigger/config.groovy#L12-L19] contains inline javascript.	New: |Level|*easy*| |Skills|a bit of JavaScript, a bit of Groovy| [https://github.com/jenkinsci/github-plugin/blob/bda9cc0c37dc557d9a1e6e2cbd1684eee205c25d/src/main/resources/com/cloudbees/jenkins/GitHubPushTrigger/config.groovy#L12-L19] contains inline javascript. h4.Reproduction steps - Install [GitHub|https://plugins.jenkins.io/github/] or clone [https://github.com/jenkinsci/github-plugin] and then {{mvn hpi:run}} - Create a freestyle project - You should be able to view the script on the configuration page - Check "GitHub hook trigger for GITScm polling" in the "Build Triggers" section - Reload the page - It should periodically send request to the "checkHookRegistered" endpoint h4.Proposal https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks h4.Testing notes  - Ensure to reproduce the feature before any change  - Ensure that you reproduce the feature after you have made the change
Labels		New: hacktoberfest newbie-friendly

Kevin Guerroudj made changes - 2024-03-08 17:04

Attachment		New: doCheckHookRegistered.png [ 62183 ]
Attachment		New: inlineJS.png [ 62184 ]

Mark Waite made changes - 2024-09-28 17:44

Labels

Original: hacktoberfest newbie-friendly

New: newbie-friendly

Harsh made changes - 2024-09-30 19:46

Assignee

Original: Kirill Merkushev [ lanwen ]

New: Harsh [ harsh_1806 ]

Harsh made changes - 2024-10-01 06:57

Assignee

Original: Harsh [ harsh_1806 ]

Collapse comment: Ivona added a comment - 2024-10-09 15:06

Ivona added a comment - 2024-10-09 15:06

Is this issue fixed? 

The config.groovy file from a cloned repo is different from the one provided as a link.  

Expand comment: Ivona added a comment - 2024-10-09 15:06

Ivona added a comment - 2024-10-09 15:06 Is this issue fixed?  The config.groovy file from a cloned repo is different from the one provided as a link.  

Collapse comment: Yaroslav Afenkin added a comment - 2024-10-09 15:32

Yaroslav Afenkin added a comment - 2024-10-09 15:32

Seems to be fixed by https://github.com/jenkinsci/github-plugin/pull/383.
Nothing indicates that PR was reviewed though, so I'll try to check it tomorrow & close the issue if everything is OK.

Expand comment: Yaroslav Afenkin added a comment - 2024-10-09 15:32

Yaroslav Afenkin added a comment - 2024-10-09 15:32 Seems to be fixed by https://github.com/jenkinsci/github-plugin/pull/383 . Nothing indicates that PR was reviewed though, so I'll try to check it tomorrow & close the issue if everything is OK.

Yaroslav Afenkin made changes - 2024-10-10 10:17

Remote Link

New: This issue links to "jenkinsci/github-plugin/pull/383 (Web Link)" [ 30031 ]

Load more newer events