[benchmark-evaluator] Extract inline script block and event handlers in io/jenkins/plugins/benchmark/BenchmarkConfigAction/index.jelly

XMLWordPrintable

      Note

      While testing this plugin, evaluate whether the third-party libraries in src/main/webapp are compatible with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.

      Problems

      == Inline Script Block
Line: 12
----
<script>
				var jQ = jQuery.noConflict(true);
				var backend = 
				<st:bind value="${it}"/>
			</script>
----

== Inline Event Handler
Line: 27
----
<th id="metric" onclick="sortTable('metric','configTable',a=>
----

== Inline Event Handler
Line: 33
----
<th id="since" onclick="sortTable('since','configTable',a=>
----

== Inline Event Handler
Line: 44
----
<input type="text" value="${conf.getValue().getUnit()}" id="${conf.getKey()}_unit" class="fields form-control"
											onchange="setMetricUnit('${conf.getKey()}')">
----

== Inline Event Handler
Line: 51
----
<input type="number" value="${conf.getValue().getMinValue()}" id="${conf.getKey()}_minValue"
											step="any" class="form-control"
											onchange="setMetricMinValue('${conf.getKey()}')">
----

== Inline Event Handler
Line: 59
----
<input type="number" value="${conf.getValue().getMaxValue()}" id="${conf.getKey()}_maxValue"
											step="any" class="form-control"
											onchange="setMetricMaxValue('${conf.getKey()}')">
----

== Inline Event Handler
Line: 67
----
<input type="number" value="${conf.getValue().getMinPercent()}"
											id="${conf.getKey()}_minPercent" step="any" class="form-control"
											onchange="setMinPercent('${conf.getKey()}')">
----

== Inline Event Handler
Line: 75
----
<input type="number" value="${conf.getValue().getMaxPercent()}"
											id="${conf.getKey()}_maxPercent" step="any" class="form-control"
											onchange="setMaxPercent('${conf.getKey()}')">
----

== Inline Event Handler
Line: 91
----
<button type="button" class="btn btn-danger btn-sm" onclick="deleteMetric('${conf.getKey()}')">
----

== Inline Event Handler
Line: 99
----
<button type="button" class="btn btn-danger btn-sm" onclick="deleteMetric('${conf.getKey()}')" disabled="true">
----

== Inline Event Handler
Line: 129
----
<input type="text"
								id="newMetric" class="form-control"
								onchange="createMetric(document.getElementById('newMetric').value)">
----

      Solutions

      https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
      https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers

            Assignee:
            Unassigned
            Reporter:
            Basil Crow
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: