[JENKINS-74384] [netsparker-cloud-scan] Extract inline script blocks and event handler in com/netsparker/cloud/plugin/NCScanBuilder/config.jelly

Type: Task
Resolution: Unresolved
Priority: Minor
Component/s: netsparker-cloud-scan-plugin
Labels:
- CSP

Similar Issues:
Powered by SuggestiMate

Show
Epic Link:
CSP compatibility for Jenkins plugins

Problems

== Inline Script Block
Line: 6
----
<script>var Q = jQuery.noConflict()</script>
----

== Inline Script Block
Line: 73
----
<script type="text/javascript">
            (function () {
                function setProfileNameVisibility() {
                    Q('#ncScanType-${editorId}').change(function () {
                        var ncScanType = Q('#ncScanType-${editorId}');
                        var scanTypeValue = ncScanType.val();
                        var ncProfileIdRow = Q('#ncProfileId-${editorId}').closest("tr");

                        if (scanTypeValue == "FullWithPrimaryProfile") {
                            ncProfileIdRow.hide();
                            ncProfileIdRow.next().hide();
                            ncProfileIdRow.next().next().hide();//help-text container
                        } else {
                            ncProfileIdRow.show();
                            ncProfileIdRow.next().show();
                            ncProfileIdRow.next().next().show();//help-text container
                        }
                    })
                    Q('#ncWebsiteId-${editorId}').change();
                    Q('#ncScanType-${editorId}').change();
                };

                function toggleStopScanCheckBox(ncSeverityValue)
                {
                        var ncStopScanRow = Q('#ncStopScan-${editorId}').closest("tr");
                        var stopScanCheckBox = Q('#ncStopScan-${editorId}');

                         if (ncSeverityValue == "DoNotFail") {

                            ncStopScanRow.css("opacity","0.5");
                            stopScanCheckBox.prop("checked", false);
                            stopScanCheckBox.attr("disabled", "disabled");

                        } else {

                            ncStopScanRow.css("opacity","1");
                            stopScanCheckBox.removeAttr("disabled");

                        }
                }

                function toggleDoNotFailHiddenCheckBox(ncSeverityValue){
                    var ncDoNotFailRow = Q('#ncDoNotFail-${editorId}').closest("tr");
                    var doNotFailHiddenCheckBox = Q('#ncDoNotFail-${editorId}');
                    console.log(ncSeverityValue);
                    if (ncSeverityValue == "DoNotFail") {
                        doNotFailHiddenCheckBox.prop("checked", true);
                    }else{
                        doNotFailHiddenCheckBox.prop("checked", false);
                    }
                }

                function toggleConfirmedCheckBox(ncSeverityValue){
                    var ncConfirmedRow = Q('#ncConfirmed-${editorId}').closest("tr");
                        var confirmedCheckBox = Q('#ncConfirmed-${editorId}');
                         if (ncSeverityValue == "DoNotFail") {
                            ncConfirmedRow.css("opacity","0.5");
                            confirmedCheckBox.prop("checked", false);
                            confirmedCheckBox.attr("disabled", "disabled");
                        } else {
                            ncConfirmedRow.css("opacity","1");
                            confirmedCheckBox.removeAttr("disabled");
                        }
                }

                function toggleIgnoreFalsePositiveCheckBox(ncSeverityValue){
                    var ncIgnoreFalsePositiveRow = Q('#ncIgnoreFalsePositive-${editorId}').closest("tr");
                    var ignoreFalsePositiveCheckBox = Q('#ncIgnoreFalsePositive-${editorId}');
                    if (ncSeverityValue == "DoNotFail") {
                        ncIgnoreFalsePositiveRow.css("opacity","0.5");
                        ignoreFalsePositiveCheckBox.prop("checked", false);
                        ignoreFalsePositiveCheckBox.attr("disabled", "disabled");
                    } else {
                        ncIgnoreFalsePositiveRow.css("opacity","1");
                        ignoreFalsePositiveCheckBox.removeAttr("disabled");
                    }
                }

                function toggleIgnoreRiskAcceptedCheckBox(ncSeverityValue){
                    var ncIgnoreRiskAcceptedRow = Q('#ncIgnoreRiskAccepted-${editorId}').closest("tr");
                    var ignoreRiskAcceptedCheckBox = Q('#ncIgnoreRiskAccepted-${editorId}');
                    if (ncSeverityValue == "DoNotFail") {
                        ncIgnoreRiskAcceptedRow.css("opacity","0.5");
                        ignoreRiskAcceptedCheckBox.prop("checked", false);
                        ignoreRiskAcceptedCheckBox.attr("disabled", "disabled");
                    } else {
                        ncIgnoreRiskAcceptedRow.css("opacity","1");
                        ignoreRiskAcceptedCheckBox.removeAttr("disabled");
                    }
                }

                function toggleAbortScanCheckBox()
                {
                        var ncAbortScanRow = Q('#ncAbortScan-${editorId}').closest("tr");
                        var abortScanCheckBox = Q('#ncAbortScan-${editorId}');

                         ncAbortScanRow.css("opacity","1");
                         abortScanCheckBox.removeAttr("disabled");
                }

                function setStopScanVisibility() {

                    Q('#ncSeverity-${editorId}').change(function () {
                        var ncSeverityValue = Q('#ncSeverity-${editorId}').val();
                        toggleStopScanCheckBox(ncSeverityValue);
                    })
                };

                function setAbortScanVisibility() {

                    toggleAbortScanCheckBox();
                };

                function setDoNotFailVisibility() {

                    Q('#ncSeverity-${editorId}').change(function () {
                        var ncSeverityValue = Q('#ncSeverity-${editorId}').val();
                        toggleDoNotFailHiddenCheckBox(ncSeverityValue);
                    })
                };

                function setConfirmedVisibility() {

                    Q('#ncSeverity-${editorId}').change(function () {
                        var ncSeverityValue = Q('#ncSeverity-${editorId}').val();
                        toggleConfirmedCheckBox(ncSeverityValue);
                    })
                };

                function setIgnoreFalsePositiveVisibility() {

                    Q('#ncSeverity-${editorId}').change(function () {
                        var ncSeverityValue = Q('#ncSeverity-${editorId}').val();
                        toggleIgnoreFalsePositiveCheckBox(ncSeverityValue);
                    })
                };

                function setIgnoreRiskAcceptedVisibility() {

                    Q('#ncSeverity-${editorId}').change(function () {
                        var ncSeverityValue = Q('#ncSeverity-${editorId}').val();
                        toggleIgnoreRiskAcceptedCheckBox(ncSeverityValue);
                    })
                };

                setProfileNameVisibility();

                //function will be triggered when #ncScanType-${editorId} element created first time inside .jenkins-config
                //Previous function will be used later requests.
                Q(".jenkins-config").arrive("#ncScanType-${editorId}", function () {
                    // 'this' refers to the newly created element
                    setProfileNameVisibility();
                    Q(".jenkins-config").unbindArrive("#ncScanType-${editorId}");
                });

                Q(".jenkins-config").arrive("#ncReportType-${editorId}", function () {
                    Q(".jenkins-config").unbindArrive("#ncReportType-${editorId}");
                });

                setStopScanVisibility();
                setDoNotFailVisibility();
                setConfirmedVisibility();
                setIgnoreFalsePositiveVisibility();
                setIgnoreRiskAcceptedVisibility();
                setAbortScanVisibility();

                 //function will be triggered when #ncSeverity-${editorId} element created first time inside .jenkins-config
                Q(".jenkins-config").arrive("#ncSeverity-${editorId}", function () {
                    // 'this' refers to the newly created element
                    setStopScanVisibility();
                    setDoNotFailVisibility();
                    setConfirmedVisibility();
                    setIgnoreFalsePositiveVisibility();
                    setIgnoreRiskAcceptedVisibility();
                    setAbortScanVisibility();
                    //default might be DotNotFail so check toogle, timeout used for element ready.
                    setTimeout(function(){
                        toggleStopScanCheckBox(Q("#ncSeverity-${editorId}").val());
                        toggleConfirmedCheckBox(Q("#ncSeverity-${editorId}").val());
                        toggleIgnoreFalsePositiveCheckBox(Q("#ncSeverity-${editorId}").val());
                        toggleIgnoreRiskAcceptedCheckBox(Q("#ncSeverity-${editorId}").val());
                        toggleDoNotFailHiddenCheckBox(Q("#ncSeverity-${editorId}").val());
                        toggleAbortScanCheckBox();
                     }, 500);

                    Q(".jenkins-config").unbindArrive("#ncSeverity-${editorId}");
                });

                //editor arrive doesn't work on edit.
                 setTimeout(function(){
                        toggleStopScanCheckBox(Q("#ncSeverity-${editorId}").val());
                        toggleConfirmedCheckBox(Q("#ncSeverity-${editorId}").val());
                        toggleIgnoreFalsePositiveCheckBox(Q("#ncSeverity-${editorId}").val());
                        toggleIgnoreRiskAcceptedCheckBox(Q("#ncSeverity-${editorId}").val());
                        toggleDoNotFailHiddenCheckBox(Q("#ncSeverity-${editorId}").val());
                        toggleAbortScanCheckBox();
                 }, 1000);

            })();
        </script>
----

== Inline Event Handler
Line: 18
----
<!-- use this for onfocus event onfocus="getWebsites(this.id)" -->
----

Solutions

https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers

Basil Crow created issue - 2024-10-23 23:53

Basil Crow made changes - 2024-10-24 00:48

Assignee

Original: Netsparker Cloud [ netsparker ]

Basil Crow made changes - 2024-10-24 15:17

Description	Original: h4. Problems {noformat} == Inline Event Handler Line: 18 ---- <!-- use this for onfocus event onfocus="getWebsites(this.id)" --> ---- == Inline Script Block Line: 6 ---- <script>var Q = jQuery.noConflict()</script> ---- == Inline Script Block Line: 73 ---- <script type="text/javascript"> (function () { function setProfileNameVisibility() { Q('#ncScanType-${editorId}').change(function () { var ncScanType = Q('#ncScanType-${editorId}'); var scanTypeValue = ncScanType.val(); var ncProfileIdRow = Q('#ncProfileId-${editorId}').closest("tr"); if (scanTypeValue == "FullWithPrimaryProfile") { ncProfileIdRow.hide(); ncProfileIdRow.next().hide(); ncProfileIdRow.next().next().hide();//help-text container } else { ncProfileIdRow.show(); ncProfileIdRow.next().show(); ncProfileIdRow.next().next().show();//help-text container } }) Q('#ncWebsiteId-${editorId}').change(); Q('#ncScanType-${editorId}').change(); }; function toggleStopScanCheckBox(ncSeverityValue) { var ncStopScanRow = Q('#ncStopScan-${editorId}').closest("tr"); var stopScanCheckBox = Q('#ncStopScan-${editorId}'); if (ncSeverityValue == "DoNotFail") { ncStopScanRow.css("opacity","0.5"); stopScanCheckBox.prop("checked", false); stopScanCheckBox.attr("disabled", "disabled"); } else { ncStopScanRow.css("opacity","1"); stopScanCheckBox.removeAttr("disabled"); } } function toggleDoNotFailHiddenCheckBox(ncSeverityValue){ var ncDoNotFailRow = Q('#ncDoNotFail-${editorId}').closest("tr"); var doNotFailHiddenCheckBox = Q('#ncDoNotFail-${editorId}'); console.log(ncSeverityValue); if (ncSeverityValue == "DoNotFail") { doNotFailHiddenCheckBox.prop("checked", true); }else{ doNotFailHiddenCheckBox.prop("checked", false); } } function toggleConfirmedCheckBox(ncSeverityValue){ var ncConfirmedRow = Q('#ncConfirmed-${editorId}').closest("tr"); var confirmedCheckBox = Q('#ncConfirmed-${editorId}'); if (ncSeverityValue == "DoNotFail") { ncConfirmedRow.css("opacity","0.5"); confirmedCheckBox.prop("checked", false); confirmedCheckBox.attr("disabled", "disabled"); } else { ncConfirmedRow.css("opacity","1"); confirmedCheckBox.removeAttr("disabled"); } } function toggleIgnoreFalsePositiveCheckBox(ncSeverityValue){ var ncIgnoreFalsePositiveRow = Q('#ncIgnoreFalsePositive-${editorId}').closest("tr"); var ignoreFalsePositiveCheckBox = Q('#ncIgnoreFalsePositive-${editorId}'); if (ncSeverityValue == "DoNotFail") { ncIgnoreFalsePositiveRow.css("opacity","0.5"); ignoreFalsePositiveCheckBox.prop("checked", false); ignoreFalsePositiveCheckBox.attr("disabled", "disabled"); } else { ncIgnoreFalsePositiveRow.css("opacity","1"); ignoreFalsePositiveCheckBox.removeAttr("disabled"); } } function toggleIgnoreRiskAcceptedCheckBox(ncSeverityValue){ var ncIgnoreRiskAcceptedRow = Q('#ncIgnoreRiskAccepted-${editorId}').closest("tr"); var ignoreRiskAcceptedCheckBox = Q('#ncIgnoreRiskAccepted-${editorId}'); if (ncSeverityValue == "DoNotFail") { ncIgnoreRiskAcceptedRow.css("opacity","0.5"); ignoreRiskAcceptedCheckBox.prop("checked", false); ignoreRiskAcceptedCheckBox.attr("disabled", "disabled"); } else { ncIgnoreRiskAcceptedRow.css("opacity","1"); ignoreRiskAcceptedCheckBox.removeAttr("disabled"); } } function toggleAbortScanCheckBox() { var ncAbortScanRow = Q('#ncAbortScan-${editorId}').closest("tr"); var abortScanCheckBox = Q('#ncAbortScan-${editorId}'); ncAbortScanRow.css("opacity","1"); abortScanCheckBox.removeAttr("disabled"); } function setStopScanVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleStopScanCheckBox(ncSeverityValue); }) }; function setAbortScanVisibility() { toggleAbortScanCheckBox(); }; function setDoNotFailVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleDoNotFailHiddenCheckBox(ncSeverityValue); }) }; function setConfirmedVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleConfirmedCheckBox(ncSeverityValue); }) }; function setIgnoreFalsePositiveVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleIgnoreFalsePositiveCheckBox(ncSeverityValue); }) }; function setIgnoreRiskAcceptedVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleIgnoreRiskAcceptedCheckBox(ncSeverityValue); }) }; setProfileNameVisibility(); //function will be triggered when #ncScanType-${editorId} element created first time inside .jenkins-config //Previous function will be used later requests. Q(".jenkins-config").arrive("#ncScanType-${editorId}", function () { // 'this' refers to the newly created element setProfileNameVisibility(); Q(".jenkins-config").unbindArrive("#ncScanType-${editorId}"); }); Q(".jenkins-config").arrive("#ncReportType-${editorId}", function () { Q(".jenkins-config").unbindArrive("#ncReportType-${editorId}"); }); setStopScanVisibility(); setDoNotFailVisibility(); setConfirmedVisibility(); setIgnoreFalsePositiveVisibility(); setIgnoreRiskAcceptedVisibility(); setAbortScanVisibility(); //function will be triggered when #ncSeverity-${editorId} element created first time inside .jenkins-config Q(".jenkins-config").arrive("#ncSeverity-${editorId}", function () { // 'this' refers to the newly created element setStopScanVisibility(); setDoNotFailVisibility(); setConfirmedVisibility(); setIgnoreFalsePositiveVisibility(); setIgnoreRiskAcceptedVisibility(); setAbortScanVisibility(); //default might be DotNotFail so check toogle, timeout used for element ready. setTimeout(function(){ toggleStopScanCheckBox(Q("#ncSeverity-${editorId}").val()); toggleConfirmedCheckBox(Q("#ncSeverity-${editorId}").val()); toggleIgnoreFalsePositiveCheckBox(Q("#ncSeverity-${editorId}").val()); toggleIgnoreRiskAcceptedCheckBox(Q("#ncSeverity-${editorId}").val()); toggleDoNotFailHiddenCheckBox(Q("#ncSeverity-${editorId}").val()); toggleAbortScanCheckBox(); }, 500); Q(".jenkins-config").unbindArrive("#ncSeverity-${editorId}"); }); //editor arrive doesn't work on edit. setTimeout(function(){ toggleStopScanCheckBox(Q("#ncSeverity-${editorId}").val()); toggleConfirmedCheckBox(Q("#ncSeverity-${editorId}").val()); toggleIgnoreFalsePositiveCheckBox(Q("#ncSeverity-${editorId}").val()); toggleIgnoreRiskAcceptedCheckBox(Q("#ncSeverity-${editorId}").val()); toggleDoNotFailHiddenCheckBox(Q("#ncSeverity-${editorId}").val()); toggleAbortScanCheckBox(); }, 1000); })(); </script> ---- == Inline Event Handler Line: 18 ---- <!-- use this for onfocus event onfocus="getWebsites(this.id)" --> ---- == Inline Script Block Line: 6 ---- <script>var Q = jQuery.noConflict()</script> ---- == Inline Script Block Line: 73 ---- <script type="text/javascript"> (function () { function setProfileNameVisibility() { Q('#ncScanType-${editorId}').change(function () { var ncScanType = Q('#ncScanType-${editorId}'); var scanTypeValue = ncScanType.val(); var ncProfileIdRow = Q('#ncProfileId-${editorId}').closest("tr"); if (scanTypeValue == "FullWithPrimaryProfile") { ncProfileIdRow.hide(); ncProfileIdRow.next().hide(); ncProfileIdRow.next().next().hide();//help-text container } else { ncProfileIdRow.show(); ncProfileIdRow.next().show(); ncProfileIdRow.next().next().show();//help-text container } }) Q('#ncWebsiteId-${editorId}').change(); Q('#ncScanType-${editorId}').change(); }; function toggleStopScanCheckBox(ncSeverityValue) { var ncStopScanRow = Q('#ncStopScan-${editorId}').closest("tr"); var stopScanCheckBox = Q('#ncStopScan-${editorId}'); if (ncSeverityValue == "DoNotFail") { ncStopScanRow.css("opacity","0.5"); stopScanCheckBox.prop("checked", false); stopScanCheckBox.attr("disabled", "disabled"); } else { ncStopScanRow.css("opacity","1"); stopScanCheckBox.removeAttr("disabled"); } } function toggleDoNotFailHiddenCheckBox(ncSeverityValue){ var ncDoNotFailRow = Q('#ncDoNotFail-${editorId}').closest("tr"); var doNotFailHiddenCheckBox = Q('#ncDoNotFail-${editorId}'); console.log(ncSeverityValue); if (ncSeverityValue == "DoNotFail") { doNotFailHiddenCheckBox.prop("checked", true); }else{ doNotFailHiddenCheckBox.prop("checked", false); } } function toggleConfirmedCheckBox(ncSeverityValue){ var ncConfirmedRow = Q('#ncConfirmed-${editorId}').closest("tr"); var confirmedCheckBox = Q('#ncConfirmed-${editorId}'); if (ncSeverityValue == "DoNotFail") { ncConfirmedRow.css("opacity","0.5"); confirmedCheckBox.prop("checked", false); confirmedCheckBox.attr("disabled", "disabled"); } else { ncConfirmedRow.css("opacity","1"); confirmedCheckBox.removeAttr("disabled"); } } function toggleIgnoreFalsePositiveCheckBox(ncSeverityValue){ var ncIgnoreFalsePositiveRow = Q('#ncIgnoreFalsePositive-${editorId}').closest("tr"); var ignoreFalsePositiveCheckBox = Q('#ncIgnoreFalsePositive-${editorId}'); if (ncSeverityValue == "DoNotFail") { ncIgnoreFalsePositiveRow.css("opacity","0.5"); ignoreFalsePositiveCheckBox.prop("checked", false); ignoreFalsePositiveCheckBox.attr("disabled", "disabled"); } else { ncIgnoreFalsePositiveRow.css("opacity","1"); ignoreFalsePositiveCheckBox.removeAttr("disabled"); } } function toggleIgnoreRiskAcceptedCheckBox(ncSeverityValue){ var ncIgnoreRiskAcceptedRow = Q('#ncIgnoreRiskAccepted-${editorId}').closest("tr"); var ignoreRiskAcceptedCheckBox = Q('#ncIgnoreRiskAccepted-${editorId}'); if (ncSeverityValue == "DoNotFail") { ncIgnoreRiskAcceptedRow.css("opacity","0.5"); ignoreRiskAcceptedCheckBox.prop("checked", false); ignoreRiskAcceptedCheckBox.attr("disabled", "disabled"); } else { ncIgnoreRiskAcceptedRow.css("opacity","1"); ignoreRiskAcceptedCheckBox.removeAttr("disabled"); } } function toggleAbortScanCheckBox() { var ncAbortScanRow = Q('#ncAbortScan-${editorId}').closest("tr"); var abortScanCheckBox = Q('#ncAbortScan-${editorId}'); ncAbortScanRow.css("opacity","1"); abortScanCheckBox.removeAttr("disabled"); } function setStopScanVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleStopScanCheckBox(ncSeverityValue); }) }; function setAbortScanVisibility() { toggleAbortScanCheckBox(); }; function setDoNotFailVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleDoNotFailHiddenCheckBox(ncSeverityValue); }) }; function setConfirmedVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleConfirmedCheckBox(ncSeverityValue); }) }; function setIgnoreFalsePositiveVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleIgnoreFalsePositiveCheckBox(ncSeverityValue); }) }; function setIgnoreRiskAcceptedVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleIgnoreRiskAcceptedCheckBox(ncSeverityValue); }) }; setProfileNameVisibility(); //function will be triggered when #ncScanType-${editorId} element created first time inside .jenkins-config //Previous function will be used later requests. Q(".jenkins-config").arrive("#ncScanType-${editorId}", function () { // 'this' refers to the newly created element setProfileNameVisibility(); Q(".jenkins-config").unbindArrive("#ncScanType-${editorId}"); }); Q(".jenkins-config").arrive("#ncReportType-${editorId}", function () { Q(".jenkins-config").unbindArrive("#ncReportType-${editorId}"); }); setStopScanVisibility(); setDoNotFailVisibility(); setConfirmedVisibility(); setIgnoreFalsePositiveVisibility(); setIgnoreRiskAcceptedVisibility(); setAbortScanVisibility(); //function will be triggered when #ncSeverity-${editorId} element created first time inside .jenkins-config Q(".jenkins-config").arrive("#ncSeverity-${editorId}", function () { // 'this' refers to the newly created element setStopScanVisibility(); setDoNotFailVisibility(); setConfirmedVisibility(); setIgnoreFalsePositiveVisibility(); setIgnoreRiskAcceptedVisibility(); setAbortScanVisibility(); //default might be DotNotFail so check toogle, timeout used for element ready. setTimeout(function(){ toggleStopScanCheckBox(Q("#ncSeverity-${editorId}").val()); toggleConfirmedCheckBox(Q("#ncSeverity-${editorId}").val()); toggleIgnoreFalsePositiveCheckBox(Q("#ncSeverity-${editorId}").val()); toggleIgnoreRiskAcceptedCheckBox(Q("#ncSeverity-${editorId}").val()); toggleDoNotFailHiddenCheckBox(Q("#ncSeverity-${editorId}").val()); toggleAbortScanCheckBox(); }, 500); Q(".jenkins-config").unbindArrive("#ncSeverity-${editorId}"); }); //editor arrive doesn't work on edit. setTimeout(function(){ toggleStopScanCheckBox(Q("#ncSeverity-${editorId}").val()); toggleConfirmedCheckBox(Q("#ncSeverity-${editorId}").val()); toggleIgnoreFalsePositiveCheckBox(Q("#ncSeverity-${editorId}").val()); toggleIgnoreRiskAcceptedCheckBox(Q("#ncSeverity-${editorId}").val()); toggleDoNotFailHiddenCheckBox(Q("#ncSeverity-${editorId}").val()); toggleAbortScanCheckBox(); }, 1000); })(); </script> ---- {noformat} h4. Solutions [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks] [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]	New: h4. Problems {noformat} == Inline Script Block Line: 6 ---- <script>var Q = jQuery.noConflict()</script> ---- == Inline Script Block Line: 73 ---- <script type="text/javascript"> (function () { function setProfileNameVisibility() { Q('#ncScanType-${editorId}').change(function () { var ncScanType = Q('#ncScanType-${editorId}'); var scanTypeValue = ncScanType.val(); var ncProfileIdRow = Q('#ncProfileId-${editorId}').closest("tr"); if (scanTypeValue == "FullWithPrimaryProfile") { ncProfileIdRow.hide(); ncProfileIdRow.next().hide(); ncProfileIdRow.next().next().hide();//help-text container } else { ncProfileIdRow.show(); ncProfileIdRow.next().show(); ncProfileIdRow.next().next().show();//help-text container } }) Q('#ncWebsiteId-${editorId}').change(); Q('#ncScanType-${editorId}').change(); }; function toggleStopScanCheckBox(ncSeverityValue) { var ncStopScanRow = Q('#ncStopScan-${editorId}').closest("tr"); var stopScanCheckBox = Q('#ncStopScan-${editorId}'); if (ncSeverityValue == "DoNotFail") { ncStopScanRow.css("opacity","0.5"); stopScanCheckBox.prop("checked", false); stopScanCheckBox.attr("disabled", "disabled"); } else { ncStopScanRow.css("opacity","1"); stopScanCheckBox.removeAttr("disabled"); } } function toggleDoNotFailHiddenCheckBox(ncSeverityValue){ var ncDoNotFailRow = Q('#ncDoNotFail-${editorId}').closest("tr"); var doNotFailHiddenCheckBox = Q('#ncDoNotFail-${editorId}'); console.log(ncSeverityValue); if (ncSeverityValue == "DoNotFail") { doNotFailHiddenCheckBox.prop("checked", true); }else{ doNotFailHiddenCheckBox.prop("checked", false); } } function toggleConfirmedCheckBox(ncSeverityValue){ var ncConfirmedRow = Q('#ncConfirmed-${editorId}').closest("tr"); var confirmedCheckBox = Q('#ncConfirmed-${editorId}'); if (ncSeverityValue == "DoNotFail") { ncConfirmedRow.css("opacity","0.5"); confirmedCheckBox.prop("checked", false); confirmedCheckBox.attr("disabled", "disabled"); } else { ncConfirmedRow.css("opacity","1"); confirmedCheckBox.removeAttr("disabled"); } } function toggleIgnoreFalsePositiveCheckBox(ncSeverityValue){ var ncIgnoreFalsePositiveRow = Q('#ncIgnoreFalsePositive-${editorId}').closest("tr"); var ignoreFalsePositiveCheckBox = Q('#ncIgnoreFalsePositive-${editorId}'); if (ncSeverityValue == "DoNotFail") { ncIgnoreFalsePositiveRow.css("opacity","0.5"); ignoreFalsePositiveCheckBox.prop("checked", false); ignoreFalsePositiveCheckBox.attr("disabled", "disabled"); } else { ncIgnoreFalsePositiveRow.css("opacity","1"); ignoreFalsePositiveCheckBox.removeAttr("disabled"); } } function toggleIgnoreRiskAcceptedCheckBox(ncSeverityValue){ var ncIgnoreRiskAcceptedRow = Q('#ncIgnoreRiskAccepted-${editorId}').closest("tr"); var ignoreRiskAcceptedCheckBox = Q('#ncIgnoreRiskAccepted-${editorId}'); if (ncSeverityValue == "DoNotFail") { ncIgnoreRiskAcceptedRow.css("opacity","0.5"); ignoreRiskAcceptedCheckBox.prop("checked", false); ignoreRiskAcceptedCheckBox.attr("disabled", "disabled"); } else { ncIgnoreRiskAcceptedRow.css("opacity","1"); ignoreRiskAcceptedCheckBox.removeAttr("disabled"); } } function toggleAbortScanCheckBox() { var ncAbortScanRow = Q('#ncAbortScan-${editorId}').closest("tr"); var abortScanCheckBox = Q('#ncAbortScan-${editorId}'); ncAbortScanRow.css("opacity","1"); abortScanCheckBox.removeAttr("disabled"); } function setStopScanVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleStopScanCheckBox(ncSeverityValue); }) }; function setAbortScanVisibility() { toggleAbortScanCheckBox(); }; function setDoNotFailVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleDoNotFailHiddenCheckBox(ncSeverityValue); }) }; function setConfirmedVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleConfirmedCheckBox(ncSeverityValue); }) }; function setIgnoreFalsePositiveVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleIgnoreFalsePositiveCheckBox(ncSeverityValue); }) }; function setIgnoreRiskAcceptedVisibility() { Q('#ncSeverity-${editorId}').change(function () { var ncSeverityValue = Q('#ncSeverity-${editorId}').val(); toggleIgnoreRiskAcceptedCheckBox(ncSeverityValue); }) }; setProfileNameVisibility(); //function will be triggered when #ncScanType-${editorId} element created first time inside .jenkins-config //Previous function will be used later requests. Q(".jenkins-config").arrive("#ncScanType-${editorId}", function () { // 'this' refers to the newly created element setProfileNameVisibility(); Q(".jenkins-config").unbindArrive("#ncScanType-${editorId}"); }); Q(".jenkins-config").arrive("#ncReportType-${editorId}", function () { Q(".jenkins-config").unbindArrive("#ncReportType-${editorId}"); }); setStopScanVisibility(); setDoNotFailVisibility(); setConfirmedVisibility(); setIgnoreFalsePositiveVisibility(); setIgnoreRiskAcceptedVisibility(); setAbortScanVisibility(); //function will be triggered when #ncSeverity-${editorId} element created first time inside .jenkins-config Q(".jenkins-config").arrive("#ncSeverity-${editorId}", function () { // 'this' refers to the newly created element setStopScanVisibility(); setDoNotFailVisibility(); setConfirmedVisibility(); setIgnoreFalsePositiveVisibility(); setIgnoreRiskAcceptedVisibility(); setAbortScanVisibility(); //default might be DotNotFail so check toogle, timeout used for element ready. setTimeout(function(){ toggleStopScanCheckBox(Q("#ncSeverity-${editorId}").val()); toggleConfirmedCheckBox(Q("#ncSeverity-${editorId}").val()); toggleIgnoreFalsePositiveCheckBox(Q("#ncSeverity-${editorId}").val()); toggleIgnoreRiskAcceptedCheckBox(Q("#ncSeverity-${editorId}").val()); toggleDoNotFailHiddenCheckBox(Q("#ncSeverity-${editorId}").val()); toggleAbortScanCheckBox(); }, 500); Q(".jenkins-config").unbindArrive("#ncSeverity-${editorId}"); }); //editor arrive doesn't work on edit. setTimeout(function(){ toggleStopScanCheckBox(Q("#ncSeverity-${editorId}").val()); toggleConfirmedCheckBox(Q("#ncSeverity-${editorId}").val()); toggleIgnoreFalsePositiveCheckBox(Q("#ncSeverity-${editorId}").val()); toggleIgnoreRiskAcceptedCheckBox(Q("#ncSeverity-${editorId}").val()); toggleDoNotFailHiddenCheckBox(Q("#ncSeverity-${editorId}").val()); toggleAbortScanCheckBox(); }, 1000); })(); </script> ---- == Inline Event Handler Line: 18 ---- <!-- use this for onfocus event onfocus="getWebsites(this.id)" --> ---- {noformat} h4. Solutions [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks] [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]
Summary	Original: [netsparker-cloud-scan] Extract inline script blocks and event handlers in com/netsparker/cloud/plugin/NCScanBuilder/config.jelly	New: [netsparker-cloud-scan] Extract inline script blocks and event handler in com/netsparker/cloud/plugin/NCScanBuilder/config.jelly

Jenkins

Details

Description

Problems

Solutions

Attachments

Activity

People

Dates