-
Task
-
Resolution: Unresolved
-
Minor
Note
While testing this plugin, evaluate whether the third-party libraries in src/main/webapp are compatible with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.
Problem
== Inline Script Block
Line: 95
----
<script>
$(function() {
$('.left-nav a').click(function(ev) {
window.location.hash = this.href.replace(/.+\/([^\/]+)\/index\.html/,'$1') + '|default';
loadPage(this.href);
$('.left-nav a.selected').removeClass('selected');
$(this).addClass('selected');
ev.preventDefault();
});
if (window.location.hash) {
if (window.location.hash.indexOf('|') === -1) {
window.location.hash += '|default';
}
var path = window.location.href.replace(/(index\.html)?#/,'');
path = path.replace('\|','/') + '.html';
loadPage(path);
}
function loadPage(path) {
var section = path.replace(/\/[^\/]+\.html/,'');
var header = section.replace(/.+\/([^\/]+)/,'$1').replace(/_/, ' ');
$('td.normal div.normal')
.empty()
.append('<h4 class="demo-subheader">Functional demo:</h4>')
.append('<h3 class="demo-header">'+ header +'</h3>')
.append('<div id="demo-config"></div>')
.find('#demo-config')
.append('<div id="demo-frame"></div><div id="demo-config-menu"></div><div id="demo-link"><a class="demoWindowLink" href="#"><span class="ui-icon ui-icon-newwin"></span>Open demo in a new window</a></div>')
.find('#demo-config-menu')
.load(section + '/index.html .demos-nav', function() {
$('#demo-config-menu a').each(function() {
this.setAttribute('href', section + '/' + this.getAttribute('href').replace(/.+\/([^\/]+)/,'$1'));
$(this).attr('target', 'demo-frame');
$(this).click(function() {
resetDemos();
$(this).parents('ul').find('li').removeClass('demo-config-on');
$(this).parent().addClass('demo-config-on');
$('#demo-notes').fadeOut();
//Set the hash to the actual page without ".html"
window.location.hash = header + '|' + this.getAttribute('href').match((/\/([^\/\\]+)\.html/))[1];
loadDemo(this.getAttribute('href'));
return false;
});
});
if (window.location.hash) {
var demo = window.location.hash.split('|')[1];
$('#demo-config-menu a').each(function(){
if (this.href.indexOf(demo + '.html') !== -1) {
$(this).parents('ul').find('li').removeClass('demo-config-on');
$(this).parent().addClass('demo-config-on');
loadDemo(this.href);
}
});
}
updateDemoNotes();
})
.end()
.find('#demo-link a')
.bind('click', function(ev){
window.open(this.href);
ev.preventDefault();
})
.end()
.end()
;
resetDemos();
}
function loadDemo(path) {
var directory = path.match(/([^\/]+)\/[^\/\.]+\.html$/)[1];
$.get(path, function(data) {
var source = data;
data = data.replace(/<script.*>.*<\/script>/ig,""); // Remove script tags
data = data.replace(/<\/?link.*>/ig,""); //Remove link tags
data = data.replace(/<\/?html.*>/ig,""); //Remove html tag
data = data.replace(/<\/?body.*>/ig,""); //Remove body tag
data = data.replace(/<\/?head.*>/ig,""); //Remove head tag
data = data.replace(/<\/?!doctype.*>/ig,""); //Remove doctype
data = data.replace(/<title.*>.*<\/title>/ig,""); // Remove title tags
data = data.replace(/((href|src)=["'])(?!(http|#))/ig, "$1" + directory + "/");
$('#demo-style').remove();
$('#demo-frame').empty().html(data);
$('#demo-frame style').clone().appendTo('head').attr('id','demo-style');
$('#demo-link a').attr('href', path);
updateDemoNotes();
updateDemoSource(source);
if (/default.html$/.test(path)) {
$.get("documentation/docs-" + path.match(/demos\/(.+)\//)[1] + ".html", function(html) {
$("#demo-source").after(html);
$("#widget-docs").tabs();
$(".param-header").click(function() {
$(this).parent().toggleClass("param-open").end().next().toggle();
});
$(".docs-list-header").each(function() {
var header = $(this);
var details = header.next().find(".param-details").hide();
$("a:first", header).click(function() {
details.show().parent().addClass("param-open");
return false;
});
$("a:last", header).click(function() {
details.hide().parent().removeClass("param-open");
return false;
});
});
});
}
});
}
function updateDemoNotes() {
var notes = $('#demo-frame .demo-description');
if ($('#demo-notes').length == 0) {
$('<div id="demo-notes"></div>').insertAfter('#demo-config');
}
$('#demo-notes').hide().empty().html(notes.html());
$('#demo-notes').show();
notes.hide();
}
function updateDemoSource(source) {
if ($('#demo-source').length == 0) {
$('<div id="demo-source"><a href="#" class="source-closed">View Source</a><div><pre><code></code></pre></div></div>').insertAfter('#demo-notes');
$('#demo-source').find(">a").click(function() {
$(this).toggleClass("source-closed").toggleClass("source-open").next().toggle();
return false;
}).end().find(">div").hide();
}
var cleanedSource = source
.replace('themes/base/jquery.ui.all.css', 'theme/jquery.ui.all.css')
.replace(/\s*\x3Clink.*demos\x2Ecss.*\x3E\s*/, '\r\n\t')
.replace(/\x2E\x2E\x2F\x2E\x2E\x2F/g, '');
$('#demo-source code').empty().text(cleanedSource);
}
function resetDemos() {
$.datepicker.setDefaults($.extend({showMonthAfterYear: false}, $.datepicker.regional['']));
$(".ui-dialog-content").remove();
}
});
</script>
----
Solution
https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
[JENKINS-74189] [summary_report] Extract inline script block in lib/jquery/development-bundle/demos/index.html
Basil Crow
created issue -
Basil Crow
made changes -
| Description |
Original:
h4. Problems {noformat} == Inline Script Block Line: 95 ---- <script> $(function() { $('.left-nav a').click(function(ev) { window.location.hash = this.href.replace(/.+\/([^\/]+)\/index\.html/,'$1') + '|default'; loadPage(this.href); $('.left-nav a.selected').removeClass('selected'); $(this).addClass('selected'); ev.preventDefault(); }); if (window.location.hash) { if (window.location.hash.indexOf('|') === -1) { window.location.hash += '|default'; } var path = window.location.href.replace(/(index\.html)?#/,''); path = path.replace('\|','/') + '.html'; loadPage(path); } function loadPage(path) { var section = path.replace(/\/[^\/]+\.html/,''); var header = section.replace(/.+\/([^\/]+)/,'$1').replace(/_/, ' '); $('td.normal div.normal') .empty() .append('<h4 class="demo-subheader">Functional demo:</h4>') .append('<h3 class="demo-header">'+ header +'</h3>') .append('<div id="demo-config"></div>') .find('#demo-config') .append('<div id="demo-frame"></div><div id="demo-config-menu"></div><div id="demo-link"><a class="demoWindowLink" href="#"><span class="ui-icon ui-icon-newwin"></span>Open demo in a new window</a></div>') .find('#demo-config-menu') .load(section + '/index.html .demos-nav', function() { $('#demo-config-menu a').each(function() { this.setAttribute('href', section + '/' + this.getAttribute('href').replace(/.+\/([^\/]+)/,'$1')); $(this).attr('target', 'demo-frame'); $(this).click(function() { resetDemos(); $(this).parents('ul').find('li').removeClass('demo-config-on'); $(this).parent().addClass('demo-config-on'); $('#demo-notes').fadeOut(); //Set the hash to the actual page without ".html" window.location.hash = header + '|' + this.getAttribute('href').match((/\/([^\/\\]+)\.html/))[1]; loadDemo(this.getAttribute('href')); return false; }); }); if (window.location.hash) { var demo = window.location.hash.split('|')[1]; $('#demo-config-menu a').each(function(){ if (this.href.indexOf(demo + '.html') !== -1) { $(this).parents('ul').find('li').removeClass('demo-config-on'); $(this).parent().addClass('demo-config-on'); loadDemo(this.href); } }); } updateDemoNotes(); }) .end() .find('#demo-link a') .bind('click', function(ev){ window.open(this.href); ev.preventDefault(); }) .end() .end() ; resetDemos(); } function loadDemo(path) { var directory = path.match(/([^\/]+)\/[^\/\.]+\.html$/)[1]; $.get(path, function(data) { var source = data; data = data.replace(/<script.*>.*<\/script>/ig,""); // Remove script tags data = data.replace(/<\/?link.*>/ig,""); //Remove link tags data = data.replace(/<\/?html.*>/ig,""); //Remove html tag data = data.replace(/<\/?body.*>/ig,""); //Remove body tag data = data.replace(/<\/?head.*>/ig,""); //Remove head tag data = data.replace(/<\/?!doctype.*>/ig,""); //Remove doctype data = data.replace(/<title.*>.*<\/title>/ig,""); // Remove title tags data = data.replace(/((href|src)=["'])(?!(http|#))/ig, "$1" + directory + "/"); $('#demo-style').remove(); $('#demo-frame').empty().html(data); $('#demo-frame style').clone().appendTo('head').attr('id','demo-style'); $('#demo-link a').attr('href', path); updateDemoNotes(); updateDemoSource(source); if (/default.html$/.test(path)) { $.get("documentation/docs-" + path.match(/demos\/(.+)\//)[1] + ".html", function(html) { $("#demo-source").after(html); $("#widget-docs").tabs(); $(".param-header").click(function() { $(this).parent().toggleClass("param-open").end().next().toggle(); }); $(".docs-list-header").each(function() { var header = $(this); var details = header.next().find(".param-details").hide(); $("a:first", header).click(function() { details.show().parent().addClass("param-open"); return false; }); $("a:last", header).click(function() { details.hide().parent().removeClass("param-open"); return false; }); }); }); } }); } function updateDemoNotes() { var notes = $('#demo-frame .demo-description'); if ($('#demo-notes').length == 0) { $('<div id="demo-notes"></div>').insertAfter('#demo-config'); } $('#demo-notes').hide().empty().html(notes.html()); $('#demo-notes').show(); notes.hide(); } function updateDemoSource(source) { if ($('#demo-source').length == 0) { $('<div id="demo-source"><a href="#" class="source-closed">View Source</a><div><pre><code></code></pre></div></div>').insertAfter('#demo-notes'); $('#demo-source').find(">a").click(function() { $(this).toggleClass("source-closed").toggleClass("source-open").next().toggle(); return false; }).end().find(">div").hide(); } var cleanedSource = source .replace('themes/base/jquery.ui.all.css', 'theme/jquery.ui.all.css') .replace(/\s*\x3Clink.*demos\x2Ecss.*\x3E\s*/, '\r\n\t') .replace(/\x2E\x2E\x2F\x2E\x2E\x2F/g, ''); $('#demo-source code').empty().text(cleanedSource); } function resetDemos() { $.datepicker.setDefaults($.extend({showMonthAfterYear: false}, $.datepicker.regional[''])); $(".ui-dialog-content").remove(); } }); </script> ---- == Inline Script Block Line: 95 ---- <script> $(function() { $('.left-nav a').click(function(ev) { window.location.hash = this.href.replace(/.+\/([^\/]+)\/index\.html/,'$1') + '|default'; loadPage(this.href); $('.left-nav a.selected').removeClass('selected'); $(this).addClass('selected'); ev.preventDefault(); }); if (window.location.hash) { if (window.location.hash.indexOf('|') === -1) { window.location.hash += '|default'; } var path = window.location.href.replace(/(index\.html)?#/,''); path = path.replace('\|','/') + '.html'; loadPage(path); } function loadPage(path) { var section = path.replace(/\/[^\/]+\.html/,''); var header = section.replace(/.+\/([^\/]+)/,'$1').replace(/_/, ' '); $('td.normal div.normal') .empty() .append('<h4 class="demo-subheader">Functional demo:</h4>') .append('<h3 class="demo-header">'+ header +'</h3>') .append('<div id="demo-config"></div>') .find('#demo-config') .append('<div id="demo-frame"></div><div id="demo-config-menu"></div><div id="demo-link"><a class="demoWindowLink" href="#"><span class="ui-icon ui-icon-newwin"></span>Open demo in a new window</a></div>') .find('#demo-config-menu') .load(section + '/index.html .demos-nav', function() { $('#demo-config-menu a').each(function() { this.setAttribute('href', section + '/' + this.getAttribute('href').replace(/.+\/([^\/]+)/,'$1')); $(this).attr('target', 'demo-frame'); $(this).click(function() { resetDemos(); $(this).parents('ul').find('li').removeClass('demo-config-on'); $(this).parent().addClass('demo-config-on'); $('#demo-notes').fadeOut(); //Set the hash to the actual page without ".html" window.location.hash = header + '|' + this.getAttribute('href').match((/\/([^\/\\]+)\.html/))[1]; loadDemo(this.getAttribute('href')); return false; }); }); if (window.location.hash) { var demo = window.location.hash.split('|')[1]; $('#demo-config-menu a').each(function(){ if (this.href.indexOf(demo + '.html') !== -1) { $(this).parents('ul').find('li').removeClass('demo-config-on'); $(this).parent().addClass('demo-config-on'); loadDemo(this.href); } }); } updateDemoNotes(); }) .end() .find('#demo-link a') .bind('click', function(ev){ window.open(this.href); ev.preventDefault(); }) .end() .end() ; resetDemos(); } function loadDemo(path) { var directory = path.match(/([^\/]+)\/[^\/\.]+\.html$/)[1]; $.get(path, function(data) { var source = data; data = data.replace(/<script.*>.*<\/script>/ig,""); // Remove script tags data = data.replace(/<\/?link.*>/ig,""); //Remove link tags data = data.replace(/<\/?html.*>/ig,""); //Remove html tag data = data.replace(/<\/?body.*>/ig,""); //Remove body tag data = data.replace(/<\/?head.*>/ig,""); //Remove head tag data = data.replace(/<\/?!doctype.*>/ig,""); //Remove doctype data = data.replace(/<title.*>.*<\/title>/ig,""); // Remove title tags data = data.replace(/((href|src)=["'])(?!(http|#))/ig, "$1" + directory + "/"); $('#demo-style').remove(); $('#demo-frame').empty().html(data); $('#demo-frame style').clone().appendTo('head').attr('id','demo-style'); $('#demo-link a').attr('href', path); updateDemoNotes(); updateDemoSource(source); if (/default.html$/.test(path)) { $.get("documentation/docs-" + path.match(/demos\/(.+)\//)[1] + ".html", function(html) { $("#demo-source").after(html); $("#widget-docs").tabs(); $(".param-header").click(function() { $(this).parent().toggleClass("param-open").end().next().toggle(); }); $(".docs-list-header").each(function() { var header = $(this); var details = header.next().find(".param-details").hide(); $("a:first", header).click(function() { details.show().parent().addClass("param-open"); return false; }); $("a:last", header).click(function() { details.hide().parent().removeClass("param-open"); return false; }); }); }); } }); } function updateDemoNotes() { var notes = $('#demo-frame .demo-description'); if ($('#demo-notes').length == 0) { $('<div id="demo-notes"></div>').insertAfter('#demo-config'); } $('#demo-notes').hide().empty().html(notes.html()); $('#demo-notes').show(); notes.hide(); } function updateDemoSource(source) { if ($('#demo-source').length == 0) { $('<div id="demo-source"><a href="#" class="source-closed">View Source</a><div><pre><code></code></pre></div></div>').insertAfter('#demo-notes'); $('#demo-source').find(">a").click(function() { $(this).toggleClass("source-closed").toggleClass("source-open").next().toggle(); return false; }).end().find(">div").hide(); } var cleanedSource = source .replace('themes/base/jquery.ui.all.css', 'theme/jquery.ui.all.css') .replace(/\s*\x3Clink.*demos\x2Ecss.*\x3E\s*/, '\r\n\t') .replace(/\x2E\x2E\x2F\x2E\x2E\x2F/g, ''); $('#demo-source code').empty().text(cleanedSource); } function resetDemos() { $.datepicker.setDefaults($.extend({showMonthAfterYear: false}, $.datepicker.regional[''])); $(".ui-dialog-content").remove(); } }); </script> ---- {noformat} h4. Solution [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks] |
New:
h4. Problem {noformat} == Inline Script Block Line: 95 ---- <script> $(function() { $('.left-nav a').click(function(ev) { window.location.hash = this.href.replace(/.+\/([^\/]+)\/index\.html/,'$1') + '|default'; loadPage(this.href); $('.left-nav a.selected').removeClass('selected'); $(this).addClass('selected'); ev.preventDefault(); }); if (window.location.hash) { if (window.location.hash.indexOf('|') === -1) { window.location.hash += '|default'; } var path = window.location.href.replace(/(index\.html)?#/,''); path = path.replace('\|','/') + '.html'; loadPage(path); } function loadPage(path) { var section = path.replace(/\/[^\/]+\.html/,''); var header = section.replace(/.+\/([^\/]+)/,'$1').replace(/_/, ' '); $('td.normal div.normal') .empty() .append('<h4 class="demo-subheader">Functional demo:</h4>') .append('<h3 class="demo-header">'+ header +'</h3>') .append('<div id="demo-config"></div>') .find('#demo-config') .append('<div id="demo-frame"></div><div id="demo-config-menu"></div><div id="demo-link"><a class="demoWindowLink" href="#"><span class="ui-icon ui-icon-newwin"></span>Open demo in a new window</a></div>') .find('#demo-config-menu') .load(section + '/index.html .demos-nav', function() { $('#demo-config-menu a').each(function() { this.setAttribute('href', section + '/' + this.getAttribute('href').replace(/.+\/([^\/]+)/,'$1')); $(this).attr('target', 'demo-frame'); $(this).click(function() { resetDemos(); $(this).parents('ul').find('li').removeClass('demo-config-on'); $(this).parent().addClass('demo-config-on'); $('#demo-notes').fadeOut(); //Set the hash to the actual page without ".html" window.location.hash = header + '|' + this.getAttribute('href').match((/\/([^\/\\]+)\.html/))[1]; loadDemo(this.getAttribute('href')); return false; }); }); if (window.location.hash) { var demo = window.location.hash.split('|')[1]; $('#demo-config-menu a').each(function(){ if (this.href.indexOf(demo + '.html') !== -1) { $(this).parents('ul').find('li').removeClass('demo-config-on'); $(this).parent().addClass('demo-config-on'); loadDemo(this.href); } }); } updateDemoNotes(); }) .end() .find('#demo-link a') .bind('click', function(ev){ window.open(this.href); ev.preventDefault(); }) .end() .end() ; resetDemos(); } function loadDemo(path) { var directory = path.match(/([^\/]+)\/[^\/\.]+\.html$/)[1]; $.get(path, function(data) { var source = data; data = data.replace(/<script.*>.*<\/script>/ig,""); // Remove script tags data = data.replace(/<\/?link.*>/ig,""); //Remove link tags data = data.replace(/<\/?html.*>/ig,""); //Remove html tag data = data.replace(/<\/?body.*>/ig,""); //Remove body tag data = data.replace(/<\/?head.*>/ig,""); //Remove head tag data = data.replace(/<\/?!doctype.*>/ig,""); //Remove doctype data = data.replace(/<title.*>.*<\/title>/ig,""); // Remove title tags data = data.replace(/((href|src)=["'])(?!(http|#))/ig, "$1" + directory + "/"); $('#demo-style').remove(); $('#demo-frame').empty().html(data); $('#demo-frame style').clone().appendTo('head').attr('id','demo-style'); $('#demo-link a').attr('href', path); updateDemoNotes(); updateDemoSource(source); if (/default.html$/.test(path)) { $.get("documentation/docs-" + path.match(/demos\/(.+)\//)[1] + ".html", function(html) { $("#demo-source").after(html); $("#widget-docs").tabs(); $(".param-header").click(function() { $(this).parent().toggleClass("param-open").end().next().toggle(); }); $(".docs-list-header").each(function() { var header = $(this); var details = header.next().find(".param-details").hide(); $("a:first", header).click(function() { details.show().parent().addClass("param-open"); return false; }); $("a:last", header).click(function() { details.hide().parent().removeClass("param-open"); return false; }); }); }); } }); } function updateDemoNotes() { var notes = $('#demo-frame .demo-description'); if ($('#demo-notes').length == 0) { $('<div id="demo-notes"></div>').insertAfter('#demo-config'); } $('#demo-notes').hide().empty().html(notes.html()); $('#demo-notes').show(); notes.hide(); } function updateDemoSource(source) { if ($('#demo-source').length == 0) { $('<div id="demo-source"><a href="#" class="source-closed">View Source</a><div><pre><code></code></pre></div></div>').insertAfter('#demo-notes'); $('#demo-source').find(">a").click(function() { $(this).toggleClass("source-closed").toggleClass("source-open").next().toggle(); return false; }).end().find(">div").hide(); } var cleanedSource = source .replace('themes/base/jquery.ui.all.css', 'theme/jquery.ui.all.css') .replace(/\s*\x3Clink.*demos\x2Ecss.*\x3E\s*/, '\r\n\t') .replace(/\x2E\x2E\x2F\x2E\x2E\x2F/g, ''); $('#demo-source code').empty().text(cleanedSource); } function resetDemos() { $.datepicker.setDefaults($.extend({showMonthAfterYear: false}, $.datepicker.regional[''])); $(".ui-dialog-content").remove(); } }); </script> ---- {noformat} h4. Solution [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks] |
| Summary | Original: [summary_report] Extract inline script blocks in lib/jquery/development-bundle/demos/index.html | New: [summary_report] Extract inline script block in lib/jquery/development-bundle/demos/index.html |
Basil Crow
made changes -
| Description |
Original:
h4. Problem {noformat} == Inline Script Block Line: 95 ---- <script> $(function() { $('.left-nav a').click(function(ev) { window.location.hash = this.href.replace(/.+\/([^\/]+)\/index\.html/,'$1') + '|default'; loadPage(this.href); $('.left-nav a.selected').removeClass('selected'); $(this).addClass('selected'); ev.preventDefault(); }); if (window.location.hash) { if (window.location.hash.indexOf('|') === -1) { window.location.hash += '|default'; } var path = window.location.href.replace(/(index\.html)?#/,''); path = path.replace('\|','/') + '.html'; loadPage(path); } function loadPage(path) { var section = path.replace(/\/[^\/]+\.html/,''); var header = section.replace(/.+\/([^\/]+)/,'$1').replace(/_/, ' '); $('td.normal div.normal') .empty() .append('<h4 class="demo-subheader">Functional demo:</h4>') .append('<h3 class="demo-header">'+ header +'</h3>') .append('<div id="demo-config"></div>') .find('#demo-config') .append('<div id="demo-frame"></div><div id="demo-config-menu"></div><div id="demo-link"><a class="demoWindowLink" href="#"><span class="ui-icon ui-icon-newwin"></span>Open demo in a new window</a></div>') .find('#demo-config-menu') .load(section + '/index.html .demos-nav', function() { $('#demo-config-menu a').each(function() { this.setAttribute('href', section + '/' + this.getAttribute('href').replace(/.+\/([^\/]+)/,'$1')); $(this).attr('target', 'demo-frame'); $(this).click(function() { resetDemos(); $(this).parents('ul').find('li').removeClass('demo-config-on'); $(this).parent().addClass('demo-config-on'); $('#demo-notes').fadeOut(); //Set the hash to the actual page without ".html" window.location.hash = header + '|' + this.getAttribute('href').match((/\/([^\/\\]+)\.html/))[1]; loadDemo(this.getAttribute('href')); return false; }); }); if (window.location.hash) { var demo = window.location.hash.split('|')[1]; $('#demo-config-menu a').each(function(){ if (this.href.indexOf(demo + '.html') !== -1) { $(this).parents('ul').find('li').removeClass('demo-config-on'); $(this).parent().addClass('demo-config-on'); loadDemo(this.href); } }); } updateDemoNotes(); }) .end() .find('#demo-link a') .bind('click', function(ev){ window.open(this.href); ev.preventDefault(); }) .end() .end() ; resetDemos(); } function loadDemo(path) { var directory = path.match(/([^\/]+)\/[^\/\.]+\.html$/)[1]; $.get(path, function(data) { var source = data; data = data.replace(/<script.*>.*<\/script>/ig,""); // Remove script tags data = data.replace(/<\/?link.*>/ig,""); //Remove link tags data = data.replace(/<\/?html.*>/ig,""); //Remove html tag data = data.replace(/<\/?body.*>/ig,""); //Remove body tag data = data.replace(/<\/?head.*>/ig,""); //Remove head tag data = data.replace(/<\/?!doctype.*>/ig,""); //Remove doctype data = data.replace(/<title.*>.*<\/title>/ig,""); // Remove title tags data = data.replace(/((href|src)=["'])(?!(http|#))/ig, "$1" + directory + "/"); $('#demo-style').remove(); $('#demo-frame').empty().html(data); $('#demo-frame style').clone().appendTo('head').attr('id','demo-style'); $('#demo-link a').attr('href', path); updateDemoNotes(); updateDemoSource(source); if (/default.html$/.test(path)) { $.get("documentation/docs-" + path.match(/demos\/(.+)\//)[1] + ".html", function(html) { $("#demo-source").after(html); $("#widget-docs").tabs(); $(".param-header").click(function() { $(this).parent().toggleClass("param-open").end().next().toggle(); }); $(".docs-list-header").each(function() { var header = $(this); var details = header.next().find(".param-details").hide(); $("a:first", header).click(function() { details.show().parent().addClass("param-open"); return false; }); $("a:last", header).click(function() { details.hide().parent().removeClass("param-open"); return false; }); }); }); } }); } function updateDemoNotes() { var notes = $('#demo-frame .demo-description'); if ($('#demo-notes').length == 0) { $('<div id="demo-notes"></div>').insertAfter('#demo-config'); } $('#demo-notes').hide().empty().html(notes.html()); $('#demo-notes').show(); notes.hide(); } function updateDemoSource(source) { if ($('#demo-source').length == 0) { $('<div id="demo-source"><a href="#" class="source-closed">View Source</a><div><pre><code></code></pre></div></div>').insertAfter('#demo-notes'); $('#demo-source').find(">a").click(function() { $(this).toggleClass("source-closed").toggleClass("source-open").next().toggle(); return false; }).end().find(">div").hide(); } var cleanedSource = source .replace('themes/base/jquery.ui.all.css', 'theme/jquery.ui.all.css') .replace(/\s*\x3Clink.*demos\x2Ecss.*\x3E\s*/, '\r\n\t') .replace(/\x2E\x2E\x2F\x2E\x2E\x2F/g, ''); $('#demo-source code').empty().text(cleanedSource); } function resetDemos() { $.datepicker.setDefaults($.extend({showMonthAfterYear: false}, $.datepicker.regional[''])); $(".ui-dialog-content").remove(); } }); </script> ---- {noformat} h4. Solution [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks] |
New:
h1. Note
*While testing this plugin, evaluate whether the third-party libraries in {{src/main/webapp}} are compatible with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.* h4. Problem {noformat} == Inline Script Block Line: 95 ---- <script> $(function() { $('.left-nav a').click(function(ev) { window.location.hash = this.href.replace(/.+\/([^\/]+)\/index\.html/,'$1') + '|default'; loadPage(this.href); $('.left-nav a.selected').removeClass('selected'); $(this).addClass('selected'); ev.preventDefault(); }); if (window.location.hash) { if (window.location.hash.indexOf('|') === -1) { window.location.hash += '|default'; } var path = window.location.href.replace(/(index\.html)?#/,''); path = path.replace('\|','/') + '.html'; loadPage(path); } function loadPage(path) { var section = path.replace(/\/[^\/]+\.html/,''); var header = section.replace(/.+\/([^\/]+)/,'$1').replace(/_/, ' '); $('td.normal div.normal') .empty() .append('<h4 class="demo-subheader">Functional demo:</h4>') .append('<h3 class="demo-header">'+ header +'</h3>') .append('<div id="demo-config"></div>') .find('#demo-config') .append('<div id="demo-frame"></div><div id="demo-config-menu"></div><div id="demo-link"><a class="demoWindowLink" href="#"><span class="ui-icon ui-icon-newwin"></span>Open demo in a new window</a></div>') .find('#demo-config-menu') .load(section + '/index.html .demos-nav', function() { $('#demo-config-menu a').each(function() { this.setAttribute('href', section + '/' + this.getAttribute('href').replace(/.+\/([^\/]+)/,'$1')); $(this).attr('target', 'demo-frame'); $(this).click(function() { resetDemos(); $(this).parents('ul').find('li').removeClass('demo-config-on'); $(this).parent().addClass('demo-config-on'); $('#demo-notes').fadeOut(); //Set the hash to the actual page without ".html" window.location.hash = header + '|' + this.getAttribute('href').match((/\/([^\/\\]+)\.html/))[1]; loadDemo(this.getAttribute('href')); return false; }); }); if (window.location.hash) { var demo = window.location.hash.split('|')[1]; $('#demo-config-menu a').each(function(){ if (this.href.indexOf(demo + '.html') !== -1) { $(this).parents('ul').find('li').removeClass('demo-config-on'); $(this).parent().addClass('demo-config-on'); loadDemo(this.href); } }); } updateDemoNotes(); }) .end() .find('#demo-link a') .bind('click', function(ev){ window.open(this.href); ev.preventDefault(); }) .end() .end() ; resetDemos(); } function loadDemo(path) { var directory = path.match(/([^\/]+)\/[^\/\.]+\.html$/)[1]; $.get(path, function(data) { var source = data; data = data.replace(/<script.*>.*<\/script>/ig,""); // Remove script tags data = data.replace(/<\/?link.*>/ig,""); //Remove link tags data = data.replace(/<\/?html.*>/ig,""); //Remove html tag data = data.replace(/<\/?body.*>/ig,""); //Remove body tag data = data.replace(/<\/?head.*>/ig,""); //Remove head tag data = data.replace(/<\/?!doctype.*>/ig,""); //Remove doctype data = data.replace(/<title.*>.*<\/title>/ig,""); // Remove title tags data = data.replace(/((href|src)=["'])(?!(http|#))/ig, "$1" + directory + "/"); $('#demo-style').remove(); $('#demo-frame').empty().html(data); $('#demo-frame style').clone().appendTo('head').attr('id','demo-style'); $('#demo-link a').attr('href', path); updateDemoNotes(); updateDemoSource(source); if (/default.html$/.test(path)) { $.get("documentation/docs-" + path.match(/demos\/(.+)\//)[1] + ".html", function(html) { $("#demo-source").after(html); $("#widget-docs").tabs(); $(".param-header").click(function() { $(this).parent().toggleClass("param-open").end().next().toggle(); }); $(".docs-list-header").each(function() { var header = $(this); var details = header.next().find(".param-details").hide(); $("a:first", header).click(function() { details.show().parent().addClass("param-open"); return false; }); $("a:last", header).click(function() { details.hide().parent().removeClass("param-open"); return false; }); }); }); } }); } function updateDemoNotes() { var notes = $('#demo-frame .demo-description'); if ($('#demo-notes').length == 0) { $('<div id="demo-notes"></div>').insertAfter('#demo-config'); } $('#demo-notes').hide().empty().html(notes.html()); $('#demo-notes').show(); notes.hide(); } function updateDemoSource(source) { if ($('#demo-source').length == 0) { $('<div id="demo-source"><a href="#" class="source-closed">View Source</a><div><pre><code></code></pre></div></div>').insertAfter('#demo-notes'); $('#demo-source').find(">a").click(function() { $(this).toggleClass("source-closed").toggleClass("source-open").next().toggle(); return false; }).end().find(">div").hide(); } var cleanedSource = source .replace('themes/base/jquery.ui.all.css', 'theme/jquery.ui.all.css') .replace(/\s*\x3Clink.*demos\x2Ecss.*\x3E\s*/, '\r\n\t') .replace(/\x2E\x2E\x2F\x2E\x2E\x2F/g, ''); $('#demo-source code').empty().text(cleanedSource); } function resetDemos() { $.datepicker.setDefaults($.extend({showMonthAfterYear: false}, $.datepicker.regional[''])); $(".ui-dialog-content").remove(); } }); </script> ---- {noformat} h4. Solution [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks] |