-
Task
-
Resolution: Unresolved
-
Minor
Note
While testing this plugin, evaluate whether the third-party libraries in src/main/webapp are compatible with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.
Problems
== Inline Script Block
Line: 3
----
<script type="text/javascript">
<!-- Function who create accordion -->
function create_accordion(accordionName){
jQuery( function()
{
var cookieName = accordionName;
<!-- In default we close all accordion, we fix index to 10 -->
var var_active = 10;
var cookies_id = jQuery.cookies.get(cookieName);
if (cookies_id == cookieName){
var_active = 0;
}
jQuery(accordionName).accordion( {
active: var_active,
collapsible: true,
animated : false,
autoHeight : false,
change: function( e, ui ) {
<!-- If accordion is not open (10), we create cookie to save state -->
if (cookies_id != cookieName){
jQuery.cookies.set( cookieName, cookieName);
}else{
jQuery.cookies.del(cookieName);
}
}
} );
} );
}
</script>
----
== Inline Script Block
Line: 47
----
<script type="text/javascript">
create_accordion('#accordion${projectname}'+${buildnumber}+${indexA}+${indexB});
</script>
----
Solution
https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
