-
Type:
Task
-
Resolution: Unresolved
-
Priority:
Minor
-
Component/s: servicenow-devops-plugin
Problems
== Inline Script Block
Line: 18
----
<script type="text/javascript">
// Function to update the textarea content based on dropdown selection
function updateContent(selectedOption) {
var contentArea = document.getElementById("securityAttributeJson");
if (!contentArea || !(contentArea instanceof Element))
return;
if(selectedScanner && selectedScanner == selectedOption){
contentArea.value = JSON.stringify(initialAttrs);
selectedTool.value = selectedScanner;
return;
}
// Update content based on selected option
if (selectedOption === "Veracode") {
contentArea.value = '{"scanner": "Veracode", "applicationName": "", "buildVersion": "", "securityToolId": "" } ';
} else if (selectedOption === "Checkmarx One") {
contentArea.value = '{"scanner": "Checkmarx One", "projectName": "", "projectId": "", "scanId": "", "securityToolId": ""} ';
} else if (selectedOption === "Checkmarx SAST") {
contentArea.value = '{"scanner": "Checkmarx SAST", "projectId": "", "securityToolId": ""}';
} else if (selectedOption === "Others") {
contentArea.value = '{"scanner": "", "securityToolId": ""}';
}
}
var contentArea = document.getElementById("securityAttributeJson");
var selectedScanner = '';
if(contentArea && contentArea instanceof Element && contentArea.value){
var initialAttrs = JSON.parse(contentArea.value);
selectedScanner = ['Veracode', 'Checkmarx One', 'Checkmarx SAST'].indexOf(initialAttrs.scanner) !== -1 ? initialAttrs.scanner : 'Others';
}
if(!selectedScanner)
updateContent("Veracode");
</script>
----
== Inline Event Handler
Line: 7
----
<f:select onchange="updateContent(event.target.value)"/>
----
Solutions
https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers
