Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-74146

[last-changes] Extract inline script blocks and event handlers in com/github/jenkins/lastchanges/LastChangesBuildAction/index.jelly

      Note

      While testing this plugin, evaluate whether the third-party libraries in src/main/webapp/js are compatible with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.

      Problems

      == Inline Script Block
      Line: 9
      ----
      <script type="text/javascript">window.jQueryJenkins = jQuery.noConflict();</script>
      ----
      
      == Inline Script Block
      Line: 34
      ----
      <script>
                   jQueryJenkins(document).ready(function () {
                       if (jQueryJenkins('#main-panel').length) {
                           jQueryJenkins('#main-panel').attr('class','col-sm-24 col-md-24 col-lg-24 col-xlg-24');
                       }
                       var buildChanges = "<j:out value="${it.buildChanges.escapedDiff}"/>";
                       var sidePanelTD = document.getElementById('side-panel');
                       if (sidePanelTD) {
                           sidePanelTD.parentNode.removeChild(sidePanelTD);
                       }
      
                       if(buildChanges) {
                           var diff2htmlUi = new Diff2HtmlUI({diff: buildChanges});
      
                           diff2htmlUi.draw('#${it.config.format().getFormat()}', {
                                   inputFormat: 'json',
                                   outputFormat: '${it.config.format().getFormat()}',
                                   showFiles: ${it.config.showFiles()},
                                   synchronisedScroll: ${it.config.synchronisedScroll()},
                                   matchWordsThreshold: '${it.config.matchWordsThreshold()}',
                                   matchingMaxComparisons: '${it.config.matchingMaxComparisons()}',
                                   matching: '${it.config.matching().getMatching()}'
                               }
                           );
                           diff2htmlUi.fileListCloseable('#${it.config.format().getFormat()}', false);
                           diff2htmlUi.highlightCode('#${it.config.format().getFormat()}');
                       } else {
                           jQueryJenkins('#line-by-line').append('<p style="margin-top:150px;text-align:center;font-size:14px;">No changes between revision <span style="font-weight:600;text-decoration:underline">${it.buildChanges.currentRevision.commitId}</span> and <span style="font-weight:600;text-decoration:underline">${it.buildChanges.previousRevision.commitId}</span> </p>')
                           jQueryJenkins('#changes-info, .d2h-show2').hide();
                       }
      
                   }); //end documentReady
      
                  function showCommits() {
                          jQueryJenkins('.d2h-show2').hide();
                          jQueryJenkins('.d2h-hide2, #commits').show();
                         }
      
                  function hideCommits() {
                          jQueryJenkins('.d2h-show2').show();
                          jQueryJenkins('.d2h-hide2, #commits').hide();
                       }
            </script>
      ----
      
      == Inline Event Handler
      Line: 118
      ----
      <a class="d2h-file-switch d2h-hide2" style="display: none;" onclick="hideCommits()">
      ----
      
      == Inline Event Handler
      Line: 119
      ----
      <a class="d2h-file-switch d2h-show2" style="display: inline;" onclick="showCommits()">
      ----
      

      Solutions

      https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
      https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers

          [JENKINS-74146] [last-changes] Extract inline script blocks and event handlers in com/github/jenkins/lastchanges/LastChangesBuildAction/index.jelly

          Basil Crow created issue -
          Basil Crow made changes -
          Assignee Original: Rafael Pestano [ rmpestano ]
          Basil Crow made changes -
          Description Original: h4. Problems

          {noformat}
          == Inline Event Handler
          Line: 118
          ----
          <a class="d2h-file-switch d2h-hide2" style="display: none;" onclick="hideCommits()">
          ----

          == Inline Event Handler
          Line: 119
          ----
          <a class="d2h-file-switch d2h-show2" style="display: inline;" onclick="showCommits()">
          ----

          == Inline Script Block
          Line: 9
          ----
          <script type="text/javascript">window.jQueryJenkins = jQuery.noConflict();</script>
          ----

          == Inline Script Block
          Line: 34
          ----
          <script>
                       jQueryJenkins(document).ready(function () {
                           if (jQueryJenkins('#main-panel').length) {
                               jQueryJenkins('#main-panel').attr('class','col-sm-24 col-md-24 col-lg-24 col-xlg-24');
                           }
                           var buildChanges = "<j:out value="${it.buildChanges.escapedDiff}"/>";
                           var sidePanelTD = document.getElementById('side-panel');
                           if (sidePanelTD) {
                               sidePanelTD.parentNode.removeChild(sidePanelTD);
                           }

                           if(buildChanges) {
                               var diff2htmlUi = new Diff2HtmlUI({diff: buildChanges});

                               diff2htmlUi.draw('#${it.config.format().getFormat()}', {
                                       inputFormat: 'json',
                                       outputFormat: '${it.config.format().getFormat()}',
                                       showFiles: ${it.config.showFiles()},
                                       synchronisedScroll: ${it.config.synchronisedScroll()},
                                       matchWordsThreshold: '${it.config.matchWordsThreshold()}',
                                       matchingMaxComparisons: '${it.config.matchingMaxComparisons()}',
                                       matching: '${it.config.matching().getMatching()}'
                                   }
                               );
                               diff2htmlUi.fileListCloseable('#${it.config.format().getFormat()}', false);
                               diff2htmlUi.highlightCode('#${it.config.format().getFormat()}');
                           } else {
                               jQueryJenkins('#line-by-line').append('<p style="margin-top:150px;text-align:center;font-size:14px;">No changes between revision <span style="font-weight:600;text-decoration:underline">${it.buildChanges.currentRevision.commitId}</span> and <span style="font-weight:600;text-decoration:underline">${it.buildChanges.previousRevision.commitId}</span> </p>')
                               jQueryJenkins('#changes-info, .d2h-show2').hide();
                           }

                       }); //end documentReady

                      function showCommits() {
                              jQueryJenkins('.d2h-show2').hide();
                              jQueryJenkins('.d2h-hide2, #commits').show();
                             }

                      function hideCommits() {
                              jQueryJenkins('.d2h-show2').show();
                              jQueryJenkins('.d2h-hide2, #commits').hide();
                           }
                </script>
          ----

          == Inline Event Handler
          Line: 118
          ----
          <a class="d2h-file-switch d2h-hide2" style="display: none;" onclick="hideCommits()">
          ----

          == Inline Event Handler
          Line: 119
          ----
          <a class="d2h-file-switch d2h-show2" style="display: inline;" onclick="showCommits()">
          ----

          == Inline Script Block
          Line: 9
          ----
          <script type="text/javascript">window.jQueryJenkins = jQuery.noConflict();</script>
          ----

          == Inline Script Block
          Line: 34
          ----
          <script>
                       jQueryJenkins(document).ready(function () {
                           if (jQueryJenkins('#main-panel').length) {
                               jQueryJenkins('#main-panel').attr('class','col-sm-24 col-md-24 col-lg-24 col-xlg-24');
                           }
                           var buildChanges = "<j:out value="${it.buildChanges.escapedDiff}"/>";
                           var sidePanelTD = document.getElementById('side-panel');
                           if (sidePanelTD) {
                               sidePanelTD.parentNode.removeChild(sidePanelTD);
                           }

                           if(buildChanges) {
                               var diff2htmlUi = new Diff2HtmlUI({diff: buildChanges});

                               diff2htmlUi.draw('#${it.config.format().getFormat()}', {
                                       inputFormat: 'json',
                                       outputFormat: '${it.config.format().getFormat()}',
                                       showFiles: ${it.config.showFiles()},
                                       synchronisedScroll: ${it.config.synchronisedScroll()},
                                       matchWordsThreshold: '${it.config.matchWordsThreshold()}',
                                       matchingMaxComparisons: '${it.config.matchingMaxComparisons()}',
                                       matching: '${it.config.matching().getMatching()}'
                                   }
                               );
                               diff2htmlUi.fileListCloseable('#${it.config.format().getFormat()}', false);
                               diff2htmlUi.highlightCode('#${it.config.format().getFormat()}');
                           } else {
                               jQueryJenkins('#line-by-line').append('<p style="margin-top:150px;text-align:center;font-size:14px;">No changes between revision <span style="font-weight:600;text-decoration:underline">${it.buildChanges.currentRevision.commitId}</span> and <span style="font-weight:600;text-decoration:underline">${it.buildChanges.previousRevision.commitId}</span> </p>')
                               jQueryJenkins('#changes-info, .d2h-show2').hide();
                           }

                       }); //end documentReady

                      function showCommits() {
                              jQueryJenkins('.d2h-show2').hide();
                              jQueryJenkins('.d2h-hide2, #commits').show();
                             }

                      function hideCommits() {
                              jQueryJenkins('.d2h-show2').show();
                              jQueryJenkins('.d2h-hide2, #commits').hide();
                           }
                </script>
          ----
          {noformat}

          h4. Solutions

          [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks]
          [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]
          New: h4. Problems

          {noformat}
          == Inline Script Block
          Line: 9
          ----
          <script type="text/javascript">window.jQueryJenkins = jQuery.noConflict();</script>
          ----

          == Inline Script Block
          Line: 34
          ----
          <script>
                       jQueryJenkins(document).ready(function () {
                           if (jQueryJenkins('#main-panel').length) {
                               jQueryJenkins('#main-panel').attr('class','col-sm-24 col-md-24 col-lg-24 col-xlg-24');
                           }
                           var buildChanges = "<j:out value="${it.buildChanges.escapedDiff}"/>";
                           var sidePanelTD = document.getElementById('side-panel');
                           if (sidePanelTD) {
                               sidePanelTD.parentNode.removeChild(sidePanelTD);
                           }

                           if(buildChanges) {
                               var diff2htmlUi = new Diff2HtmlUI({diff: buildChanges});

                               diff2htmlUi.draw('#${it.config.format().getFormat()}', {
                                       inputFormat: 'json',
                                       outputFormat: '${it.config.format().getFormat()}',
                                       showFiles: ${it.config.showFiles()},
                                       synchronisedScroll: ${it.config.synchronisedScroll()},
                                       matchWordsThreshold: '${it.config.matchWordsThreshold()}',
                                       matchingMaxComparisons: '${it.config.matchingMaxComparisons()}',
                                       matching: '${it.config.matching().getMatching()}'
                                   }
                               );
                               diff2htmlUi.fileListCloseable('#${it.config.format().getFormat()}', false);
                               diff2htmlUi.highlightCode('#${it.config.format().getFormat()}');
                           } else {
                               jQueryJenkins('#line-by-line').append('<p style="margin-top:150px;text-align:center;font-size:14px;">No changes between revision <span style="font-weight:600;text-decoration:underline">${it.buildChanges.currentRevision.commitId}</span> and <span style="font-weight:600;text-decoration:underline">${it.buildChanges.previousRevision.commitId}</span> </p>')
                               jQueryJenkins('#changes-info, .d2h-show2').hide();
                           }

                       }); //end documentReady

                      function showCommits() {
                              jQueryJenkins('.d2h-show2').hide();
                              jQueryJenkins('.d2h-hide2, #commits').show();
                             }

                      function hideCommits() {
                              jQueryJenkins('.d2h-show2').show();
                              jQueryJenkins('.d2h-hide2, #commits').hide();
                           }
                </script>
          ----

          == Inline Event Handler
          Line: 118
          ----
          <a class="d2h-file-switch d2h-hide2" style="display: none;" onclick="hideCommits()">
          ----

          == Inline Event Handler
          Line: 119
          ----
          <a class="d2h-file-switch d2h-show2" style="display: inline;" onclick="showCommits()">
          ----
          {noformat}

          h4. Solutions

          [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks]
          [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]
          Basil Crow made changes -
          Description Original: h4. Problems

          {noformat}
          == Inline Script Block
          Line: 9
          ----
          <script type="text/javascript">window.jQueryJenkins = jQuery.noConflict();</script>
          ----

          == Inline Script Block
          Line: 34
          ----
          <script>
                       jQueryJenkins(document).ready(function () {
                           if (jQueryJenkins('#main-panel').length) {
                               jQueryJenkins('#main-panel').attr('class','col-sm-24 col-md-24 col-lg-24 col-xlg-24');
                           }
                           var buildChanges = "<j:out value="${it.buildChanges.escapedDiff}"/>";
                           var sidePanelTD = document.getElementById('side-panel');
                           if (sidePanelTD) {
                               sidePanelTD.parentNode.removeChild(sidePanelTD);
                           }

                           if(buildChanges) {
                               var diff2htmlUi = new Diff2HtmlUI({diff: buildChanges});

                               diff2htmlUi.draw('#${it.config.format().getFormat()}', {
                                       inputFormat: 'json',
                                       outputFormat: '${it.config.format().getFormat()}',
                                       showFiles: ${it.config.showFiles()},
                                       synchronisedScroll: ${it.config.synchronisedScroll()},
                                       matchWordsThreshold: '${it.config.matchWordsThreshold()}',
                                       matchingMaxComparisons: '${it.config.matchingMaxComparisons()}',
                                       matching: '${it.config.matching().getMatching()}'
                                   }
                               );
                               diff2htmlUi.fileListCloseable('#${it.config.format().getFormat()}', false);
                               diff2htmlUi.highlightCode('#${it.config.format().getFormat()}');
                           } else {
                               jQueryJenkins('#line-by-line').append('<p style="margin-top:150px;text-align:center;font-size:14px;">No changes between revision <span style="font-weight:600;text-decoration:underline">${it.buildChanges.currentRevision.commitId}</span> and <span style="font-weight:600;text-decoration:underline">${it.buildChanges.previousRevision.commitId}</span> </p>')
                               jQueryJenkins('#changes-info, .d2h-show2').hide();
                           }

                       }); //end documentReady

                      function showCommits() {
                              jQueryJenkins('.d2h-show2').hide();
                              jQueryJenkins('.d2h-hide2, #commits').show();
                             }

                      function hideCommits() {
                              jQueryJenkins('.d2h-show2').show();
                              jQueryJenkins('.d2h-hide2, #commits').hide();
                           }
                </script>
          ----

          == Inline Event Handler
          Line: 118
          ----
          <a class="d2h-file-switch d2h-hide2" style="display: none;" onclick="hideCommits()">
          ----

          == Inline Event Handler
          Line: 119
          ----
          <a class="d2h-file-switch d2h-show2" style="display: inline;" onclick="showCommits()">
          ----
          {noformat}

          h4. Solutions

          [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks]
          [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]
          New: h1. Note

          *While testing this plugin, evaluate whether the third-party libraries in {{src/main/webapp/js}} are compatible with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.*

          h4. Problems

          {noformat}
          == Inline Script Block
          Line: 9
          ----
          <script type="text/javascript">window.jQueryJenkins = jQuery.noConflict();</script>
          ----

          == Inline Script Block
          Line: 34
          ----
          <script>
                       jQueryJenkins(document).ready(function () {
                           if (jQueryJenkins('#main-panel').length) {
                               jQueryJenkins('#main-panel').attr('class','col-sm-24 col-md-24 col-lg-24 col-xlg-24');
                           }
                           var buildChanges = "<j:out value="${it.buildChanges.escapedDiff}"/>";
                           var sidePanelTD = document.getElementById('side-panel');
                           if (sidePanelTD) {
                               sidePanelTD.parentNode.removeChild(sidePanelTD);
                           }

                           if(buildChanges) {
                               var diff2htmlUi = new Diff2HtmlUI({diff: buildChanges});

                               diff2htmlUi.draw('#${it.config.format().getFormat()}', {
                                       inputFormat: 'json',
                                       outputFormat: '${it.config.format().getFormat()}',
                                       showFiles: ${it.config.showFiles()},
                                       synchronisedScroll: ${it.config.synchronisedScroll()},
                                       matchWordsThreshold: '${it.config.matchWordsThreshold()}',
                                       matchingMaxComparisons: '${it.config.matchingMaxComparisons()}',
                                       matching: '${it.config.matching().getMatching()}'
                                   }
                               );
                               diff2htmlUi.fileListCloseable('#${it.config.format().getFormat()}', false);
                               diff2htmlUi.highlightCode('#${it.config.format().getFormat()}');
                           } else {
                               jQueryJenkins('#line-by-line').append('<p style="margin-top:150px;text-align:center;font-size:14px;">No changes between revision <span style="font-weight:600;text-decoration:underline">${it.buildChanges.currentRevision.commitId}</span> and <span style="font-weight:600;text-decoration:underline">${it.buildChanges.previousRevision.commitId}</span> </p>')
                               jQueryJenkins('#changes-info, .d2h-show2').hide();
                           }

                       }); //end documentReady

                      function showCommits() {
                              jQueryJenkins('.d2h-show2').hide();
                              jQueryJenkins('.d2h-hide2, #commits').show();
                             }

                      function hideCommits() {
                              jQueryJenkins('.d2h-show2').show();
                              jQueryJenkins('.d2h-hide2, #commits').hide();
                           }
                </script>
          ----

          == Inline Event Handler
          Line: 118
          ----
          <a class="d2h-file-switch d2h-hide2" style="display: none;" onclick="hideCommits()">
          ----

          == Inline Event Handler
          Line: 119
          ----
          <a class="d2h-file-switch d2h-show2" style="display: inline;" onclick="showCommits()">
          ----
          {noformat}

          h4. Solutions

          [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks]
          [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]
          Shlomo made changes -
          Assignee New: Shlomo [ shlomo_dahan ]
          Shlomo made changes -
          Assignee Original: Shlomo [ shlomo_dahan ]
          Yaroslav Afenkin made changes -
          Assignee New: Yaroslav Afenkin [ yafenkin ]
          Yaroslav Afenkin made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]
          Yaroslav Afenkin made changes -
          Remote Link New: This issue links to "jenkinsci/last-changes-plugin/pull/116 (Web Link)" [ 30464 ]

            yafenkin Yaroslav Afenkin
            basil Basil Crow
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: