-
Task
-
Resolution: Fixed
-
Minor
-
-
585.v619f52a_a_09dc
Problems
== Inline Script Block Line: 4 ---- <script type="text/javascript"> function ShowPopup(hoveritem) { var hp = document.getElementById("claimHoverPopup"); hp.style.display = "block"; } function HidePopup() { var hp = document.getElementById("claimHoverPopup"); hp.style.display = "none"; var action = <st:bind value="${it}" />; } function Display(error) { var reasonText = document.getElementById("errordesc"); var action = <st:bind value="${it}" />; action.getReason(error, function(content) { reasonText.textContent = content.responseObject(); }); } </script> ---- == Inline Event Handler Line: 33 ---- <a id="claim" href="#" onClick="ShowPopup(this); return false;"> ---- == Inline Event Handler Line: 47 ---- <a id="reassign" href="#" onClick="ShowPopup(this); return false;"> ---- == Inline Event Handler Line: 70 ---- <f:select onChange="Display(this.value);"/> ---- == Inline Event Handler Line: 88 ---- <button type="button" name="Cancel" formNoValidate="formNoValidate" class="jenkins-button jenkins-submit-button}" onClick="HidePopup();"> ----
Solutions
https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers
- links to
[JENKINS-74110] [claim] Extract inline script block and event handlers in hudson/plugins/claim/AbstractClaimBuildAction/summary.jelly
Summary | Original: [claim] Extract inline script blocks and lsevent handlers in hudson/plugins/claim/AbstractClaimBuildAction/summary.jelly | New: [claim] Extract inline script blocks and event handlers in hudson/plugins/claim/AbstractClaimBuildAction/summary.jelly |
Assignee | Original: Arnaud TAMAILLON [ greybird ] |
Description |
Original:
h4. Problems {noformat} == Inline Script Block Line: 4 ---- <script type="text/javascript"> function ShowPopup(hoveritem) { var hp = document.getElementById("claimHoverPopup"); hp.style.display = "block"; } function HidePopup() { var hp = document.getElementById("claimHoverPopup"); hp.style.display = "none"; var action = <st:bind value="${it}" />; } function Display(error) { var reasonText = document.getElementById("errordesc"); var action = <st:bind value="${it}" />; action.getReason(error, function(content) { reasonText.textContent = content.responseObject(); }); } </script> ---- == Inline Event Handler Line: 33 ---- <a id="claim" href="#" onClick="ShowPopup(this); return false;"> ---- == Inline Event Handler Line: 47 ---- <a id="reassign" href="#" onClick="ShowPopup(this); return false;"> ---- == Inline Event Handler Line: 70 ---- <f:select onChange="Display(this.value);"/> ---- == Inline Event Handler Line: 88 ---- <button type="button" name="Cancel" formNoValidate="formNoValidate" class="jenkins-button jenkins-submit-button}" onClick="HidePopup();"> ---- == Inline Script Block Line: 4 ---- <script type="text/javascript"> function ShowPopup(hoveritem) { var hp = document.getElementById("claimHoverPopup"); hp.style.display = "block"; } function HidePopup() { var hp = document.getElementById("claimHoverPopup"); hp.style.display = "none"; var action = <st:bind value="${it}" />; } function Display(error) { var reasonText = document.getElementById("errordesc"); var action = <st:bind value="${it}" />; action.getReason(error, function(content) { reasonText.textContent = content.responseObject(); }); } </script> ---- == Inline Event Handler Line: 33 ---- <a id="claim" href="#" onClick="ShowPopup(this); return false;"> ---- == Inline Event Handler Line: 47 ---- <a id="reassign" href="#" onClick="ShowPopup(this); return false;"> ---- == Inline Event Handler Line: 70 ---- <f:select onChange="Display(this.value);"/> ---- == Inline Event Handler Line: 88 ---- <button type="button" name="Cancel" formNoValidate="formNoValidate" class="jenkins-button jenkins-submit-button}" onClick="HidePopup();"> ---- {noformat} h4. Solutions [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks] [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers] |
New:
h4. Problems {noformat} == Inline Script Block Line: 4 ---- <script type="text/javascript"> function ShowPopup(hoveritem) { var hp = document.getElementById("claimHoverPopup"); hp.style.display = "block"; } function HidePopup() { var hp = document.getElementById("claimHoverPopup"); hp.style.display = "none"; var action = <st:bind value="${it}" />; } function Display(error) { var reasonText = document.getElementById("errordesc"); var action = <st:bind value="${it}" />; action.getReason(error, function(content) { reasonText.textContent = content.responseObject(); }); } </script> ---- == Inline Event Handler Line: 33 ---- <a id="claim" href="#" onClick="ShowPopup(this); return false;"> ---- == Inline Event Handler Line: 47 ---- <a id="reassign" href="#" onClick="ShowPopup(this); return false;"> ---- == Inline Event Handler Line: 70 ---- <f:select onChange="Display(this.value);"/> ---- == Inline Event Handler Line: 88 ---- <button type="button" name="Cancel" formNoValidate="formNoValidate" class="jenkins-button jenkins-submit-button}" onClick="HidePopup();"> ---- {noformat} h4. Solutions [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks] [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers] |
Summary | Original: [claim] Extract inline script blocks and event handlers in hudson/plugins/claim/AbstractClaimBuildAction/summary.jelly | New: [claim] Extract inline script block and event handlers in hudson/plugins/claim/AbstractClaimBuildAction/summary.jelly |
Assignee | New: Yaroslav Afenkin [ yafenkin ] |
Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
Status | Original: In Progress [ 3 ] | New: In Review [ 10005 ] |
Remote Link | New: This issue links to "jenkinsci/claim-plugin/pull/335 (Web Link)" [ 30277 ] |
Released As | New: 585.v619f52a_a_09dc | |
Resolution | New: Fixed [ 1 ] | |
Status | Original: In Review [ 10005 ] | New: Closed [ 6 ] |