Task
Resolution: Unresolved
Minor
Note
While testing this plugin, evaluate whether the third-party libraries in src/main/webapp/js/libs are compatible with CSP in restrictive mode. The libraries may call eval, which is not allowed in restrictive mode.
Problems
== Inline Script Block Line: 19
----
<script>
// Inline script block: a restrictive Content-Security-Policy does not execute
// script text embedded in the page, so this assignment has to move to a
// separately served .js file.
// jQuery.noConflict() returns the jQuery object and gives the `$` global back
// to whatever owned it before; `$j` becomes a page-wide alias.
var $j = jQuery.noConflict();
</script>
----
== Inline Script Block Line: 128
----
<script>
// Inline script block: page set-up and event wiring for the report view.
// Every `${it.*}` expression below is filled in by the server-side view before
// the page reaches the browser, which is why this code cannot simply be copied
// into a static .js file: the values need another channel (for example data
// attributes on an element that the external script reads).
// NOTE(review): the string-valued expressions are written inside JavaScript
// string literals; the page does not show how the view escapes them — confirm
// that a quote or a closing script tag in a configured value cannot end the literal.
// generateChart, populateTemplate, expandAll, collapseAll, remoteAction and
// displayValues are not defined in this block; presumably they come from other
// scripts on the page.
var runtimeLowThreshold = "${it.runTimeLowThreshold}";
var runtimeHighThreshold = "${it.runTimeHighThreshold}";
// Display text per status; the defaults are overwritten by setCustomStatuses().
var customStatuses = { 'PASSED':'PASSED', 'SKIPPED':'SKIPPED', 'FAILED':'FAILED', 'N/A':'N/A' }
// Reads the chart options from the form controls and hands them to generateChart().
function generateCharts() {
    var chartType = { type: jQuery("#chartDataType").val(), line: jQuery('#linegraph').is(':checked'), bar: jQuery('#bargraph').is(':checked'), pie: jQuery('#piegraph').is(':checked') }
    generateChart(chartType);
    //fixes Jenkins issue where page content is not correctly placed until the window is resized
    window.dispatchEvent(new Event('resize'));
}
// On DOM ready: copy the server-side settings into the form controls, then
// render the report.
jQuery(document).ready(function () {
    // These expressions are emitted unquoted, so each must render as a valid
    // JavaScript expression — presumably true/false; confirm against the view's model.
    jQuery("#allnoofbuilds")[0].checked = ${it.showAllBuilds};
    jQuery("#show-build-durations")[0].checked = ${it.showBuildTime};
    jQuery("#hide-config-methods")[0].checked = ${it.hideConfigurationMethods};
    jQuery("#linegraph")[0].checked = ${it.showLineGraph};
    jQuery("#bargraph")[0].checked = ${it.showBarGraph};
    jQuery("#piegraph")[0].checked = ${it.showPieGraph};
    jQuery("#noofbuilds").attr('disabled', ${it.showAllBuilds});
    if ("${it.chartDataType}" === "runtime") {
        jQuery("#chartDataType").val("runtime");
        jQuery("#bargraph").attr('disabled', true);
    } else {
        jQuery("#chartDataType").val("passfail");
    }
    setCustomStatuses();
    populateTemplate();
});
// The handlers below are attached from script rather than through on* attributes;
// only the enclosing inline <script> element is the CSP problem for them.
jQuery("#settingsmenubutton").click(function () {
    jQuery("#settingsmenu").slideToggle(400, function () {
        //fixes Jenkins issue where page content is not correctly placed until the window is resized
        window.dispatchEvent(new Event('resize'));
    });
    //fixes Jenkins issue where page content is not correctly placed until the window is resized
    window.dispatchEvent(new Event('resize'));
});
// The build-count field is disabled while "all builds" is checked.
jQuery("#allnoofbuilds").change(function () {
    jQuery("#noofbuilds").attr('disabled', this.checked);
});
// The bar-graph option is disabled while the "runtime" data type is selected.
jQuery("#chartDataType").change(function (e) {
    jQuery("#bargraph").attr('disabled', e.target.value == "runtime");
});
// CSV export: "-1" is sent as the build count when "all builds" is checked.
jQuery("#downloadCSV").click(function () {
    var noOfBuilds = "-1";
    if (!jQuery("#allnoofbuilds").is(":checked")) {
        noOfBuilds = jQuery("#noofbuilds").val();
    }
    remoteAction.getExportCSV(displayValues, noOfBuilds, function(t) {
        download("Test Results.csv", t.responseObject());
    })
});
jQuery("#getbuildreport").click(function () {
    populateTemplate();
});
jQuery("#expandall").click(function () {
    expandAll();
});
jQuery("#collapseall").click(function () {
    collapseAll();
});
// Replaces the default status labels with the values rendered by the view.
function setCustomStatuses(){
    customStatuses['PASSED'] = "${it.passedRepresentation}";
    customStatuses['SKIPPED'] = "${it.skippedRepresentation}";
    customStatuses['FAILED'] = "${it.failedRepresentation}";
    customStatuses['N/A'] = "${it.naRepresentation}";
}
// Offers `text` as a file download: builds a data: URI (the text is passed through
// encodeURIComponent), clicks a hidden temporary <a download> element, then removes it.
function download(filename, text) {
    var element = document.createElement('a');
    element.setAttribute('href', 'data:text/plain;charset=utf-8,' + encodeURIComponent(text));
    element.setAttribute('download', filename);
    element.style.display = 'none';
    document.body.appendChild(element);
    element.click();
    document.body.removeChild(element);
}
</script>
----
== Inline Event Handler Line: 84
----
<!-- Inline event handler: the onkeyup attribute is script text in markup, which a
     restrictive CSP does not run. The handler has to be registered from an external
     script instead (for example with addEventListener on #filter). searchTests() is
     not defined in the blocks quoted here. -->
<input id="filter" class="table-filter" type="text" placeholder="Test/Class/Package" onkeyup="searchTests()"/>
----
Solutions
https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers