Note

While testing this plugin, evaluate whether the third-party libraries in src/main/webapp are compatible with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.

Problems

== Inline Script Block
Line: 7
----
<script>
        var klocworkResultsAction = <st:bind value="${it}"/>
    </script>
----

== Inline Script Block
Line: 124
----
<script>
        Klocwork.showOrHideLogout();
    </script>
----

== Inline Event Handler
Line: 17
----
<button class="authentication-details-logout" id="klocworkResultsAction_authenticationLogoutButton" onclick="Klocwork.deleteAuthenticationCookies()">
----

== Inline Event Handler
Line: 65
----
<button class="authentication-save-control" id="klocworkResultsAction_authenticationSave" onclick="Klocwork.authenticate(${issueId})">
----

== Inline Event Handler
Line: 66
----
<button class="authentication-save-control" id="klocworkResultsAction_authenticationCancel" onclick="Klocwork.cancelAuthentication()">
----

== Inline Event Handler
Line: 73
----
<a class="link-style-none collapsible block ${initialCollapse}" onclick="Klocwork.toggle(this, 'newIssues')">
----

== Inline Event Handler
Line: 101
----
<a class="link-style-none collapsible block ${initialCollapse}" onclick="Klocwork.toggle(this, 'fixedIssues')">
----

Solutions

https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers

Basil Crow created issue - 2024-10-23 23:42

Basil Crow made changes - 2024-10-24 00:48

Assignee

Original: Jacob Lärfors [ jlarfors ]

Basil Crow made changes - 2024-10-24 15:08

Description

Original: h4. Problems

{noformat}
== Inline Event Handler
Line: 17
----
<button class="authentication-details-logout" id="klocworkResultsAction_authenticationLogoutButton" onclick="Klocwork.deleteAuthenticationCookies()">
----

== Inline Event Handler
Line: 65
----
<button class="authentication-save-control" id="klocworkResultsAction_authenticationSave" onclick="Klocwork.authenticate(${issueId})">
----

== Inline Event Handler
Line: 66
----
<button class="authentication-save-control" id="klocworkResultsAction_authenticationCancel" onclick="Klocwork.cancelAuthentication()">
----

== Inline Event Handler
Line: 73
----
<a class="link-style-none collapsible block ${initialCollapse}" onclick="Klocwork.toggle(this, 'newIssues')">
----

== Inline Event Handler
Line: 101
----
<a class="link-style-none collapsible block ${initialCollapse}" onclick="Klocwork.toggle(this, 'fixedIssues')">
----

== Inline Script Block
Line: 7
----
<script>
        var klocworkResultsAction = <st:bind value="${it}"/>
    </script>
----

== Inline Script Block
Line: 124
----
<script>
        Klocwork.showOrHideLogout();
    </script>
----

== Inline Event Handler
Line: 17
----
<button class="authentication-details-logout" id="klocworkResultsAction_authenticationLogoutButton" onclick="Klocwork.deleteAuthenticationCookies()">
----

== Inline Event Handler
Line: 65
----
<button class="authentication-save-control" id="klocworkResultsAction_authenticationSave" onclick="Klocwork.authenticate(${issueId})">
----

== Inline Event Handler
Line: 66
----
<button class="authentication-save-control" id="klocworkResultsAction_authenticationCancel" onclick="Klocwork.cancelAuthentication()">
----

== Inline Event Handler
Line: 73
----
<a class="link-style-none collapsible block ${initialCollapse}" onclick="Klocwork.toggle(this, 'newIssues')">
----

== Inline Event Handler
Line: 101
----
<a class="link-style-none collapsible block ${initialCollapse}" onclick="Klocwork.toggle(this, 'fixedIssues')">
----

== Inline Script Block
Line: 7
----
<script>
        var klocworkResultsAction = <st:bind value="${it}"/>
    </script>
----

== Inline Script Block
Line: 124
----
<script>
        Klocwork.showOrHideLogout();
    </script>
----
{noformat}

h4. Solutions

[https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks]
[https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]

New: h4. Problems

{noformat}
== Inline Script Block
Line: 7
----
<script>
        var klocworkResultsAction = <st:bind value="${it}"/>
    </script>
----

== Inline Script Block
Line: 124
----
<script>
        Klocwork.showOrHideLogout();
    </script>
----

== Inline Event Handler
Line: 17
----
<button class="authentication-details-logout" id="klocworkResultsAction_authenticationLogoutButton" onclick="Klocwork.deleteAuthenticationCookies()">
----

== Inline Event Handler
Line: 65
----
<button class="authentication-save-control" id="klocworkResultsAction_authenticationSave" onclick="Klocwork.authenticate(${issueId})">
----

== Inline Event Handler
Line: 66
----
<button class="authentication-save-control" id="klocworkResultsAction_authenticationCancel" onclick="Klocwork.cancelAuthentication()">
----

== Inline Event Handler
Line: 73
----
<a class="link-style-none collapsible block ${initialCollapse}" onclick="Klocwork.toggle(this, 'newIssues')">
----

== Inline Event Handler
Line: 101
----
<a class="link-style-none collapsible block ${initialCollapse}" onclick="Klocwork.toggle(this, 'fixedIssues')">
----
{noformat}

h4. Solutions

[https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks]
[https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]

Basil Crow made changes - 2024-10-24 19:32

Description

Original: h4. Problems

{noformat}
== Inline Script Block
Line: 7
----
<script>
        var klocworkResultsAction = <st:bind value="${it}"/>
    </script>
----

== Inline Script Block
Line: 124
----
<script>
        Klocwork.showOrHideLogout();
    </script>
----

== Inline Event Handler
Line: 17
----
<button class="authentication-details-logout" id="klocworkResultsAction_authenticationLogoutButton" onclick="Klocwork.deleteAuthenticationCookies()">
----

== Inline Event Handler
Line: 65
----
<button class="authentication-save-control" id="klocworkResultsAction_authenticationSave" onclick="Klocwork.authenticate(${issueId})">
----

== Inline Event Handler
Line: 66
----
<button class="authentication-save-control" id="klocworkResultsAction_authenticationCancel" onclick="Klocwork.cancelAuthentication()">
----

== Inline Event Handler
Line: 73
----
<a class="link-style-none collapsible block ${initialCollapse}" onclick="Klocwork.toggle(this, 'newIssues')">
----

== Inline Event Handler
Line: 101
----
<a class="link-style-none collapsible block ${initialCollapse}" onclick="Klocwork.toggle(this, 'fixedIssues')">
----
{noformat}

h4. Solutions

[https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks]
[https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]

New: h1. Note

*While testing this plugin, evaluate whether the third-party libraries in {{src/main/webapp}} are compatible with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.*

h4. Problems

{noformat}
== Inline Script Block
Line: 7
----
<script>
        var klocworkResultsAction = <st:bind value="${it}"/>
    </script>
----

== Inline Script Block
Line: 124
----
<script>
        Klocwork.showOrHideLogout();
    </script>
----

== Inline Event Handler
Line: 17
----
<button class="authentication-details-logout" id="klocworkResultsAction_authenticationLogoutButton" onclick="Klocwork.deleteAuthenticationCookies()">
----

== Inline Event Handler
Line: 65
----
<button class="authentication-save-control" id="klocworkResultsAction_authenticationSave" onclick="Klocwork.authenticate(${issueId})">
----

== Inline Event Handler
Line: 66
----
<button class="authentication-save-control" id="klocworkResultsAction_authenticationCancel" onclick="Klocwork.cancelAuthentication()">
----

== Inline Event Handler
Line: 73
----
<a class="link-style-none collapsible block ${initialCollapse}" onclick="Klocwork.toggle(this, 'newIssues')">
----

== Inline Event Handler
Line: 101
----
<a class="link-style-none collapsible block ${initialCollapse}" onclick="Klocwork.toggle(this, 'fixedIssues')">
----
{noformat}

h4. Solutions

[https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks]
[https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]

Jenkins

[klocwork] Extract inline script blocks and event handlers in com/klocwork/kwjenkinsplugin/reporting/KlocworkResultsAction/summary.jelly

Note

Problems

Solutions

[JENKINS-74283] [klocwork] Extract inline script blocks and event handlers in com/klocwork/kwjenkinsplugin/reporting/KlocworkResultsAction/summary.jelly

Jenkins

Details

Description

Note

Problems

Solutions

Attachments

Activity

[JENKINS-74283] [klocwork] Extract inline script blocks and event handlers in com/klocwork/kwjenkinsplugin/reporting/KlocworkResultsAction/summary.jelly

People

Dates