-
Type:
Task
-
Resolution: Unresolved
-
Priority:
Minor
-
Component/s: benchmark-evaluator-plugin
Note
While testing this plugin, evaluate whether the third-party libraries in src/main/webapp are compatible with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.
Problems
== Inline Script Block
Line: 12
----
<script>
var jQ = jQuery.noConflict(true);
var backend =
<st:bind value="${it}" />
${it.getAllInformations()};
var columnsNames = ['${%BuildNr}','${%value}','${%min_value}','${%max_value}','${%change}','${%min_change}','${%max_change}'];
var axisNames = ['${%change}'];
var language = '${%language}';
var statNames = {'avg':'${%avg}','var':'${%var}','min':'${%min}','max':'${%max}'};
function formatNumber(input){
return (input.toFixed(2)+"").replace('.', '${%seperator}');
}
</script>
----
== Inline Event Handler
Line: 33
----
<button id="leftButton" type="button" class="btn btn-default" style="margin-left:2px;" onclick="go(-1)">
----
== Inline Event Handler
Line: 34
----
<button id="zoomInButton" type="button" class="btn btn-default" onclick="zoom()">
----
== Inline Event Handler
Line: 35
----
<button id="zoomOutButton" type="button" class="btn btn-default" onclick="zoom(false)">
----
== Inline Event Handler
Line: 36
----
<input id="searchField" type="text" class="form-control" style="width:10%;display:initial;vertical-align: middle;" placeholder="${%search}..." onkeyup="filter()">
----
== Inline Event Handler
Line: 37
----
<button id="rightButton" type="button" class="btn btn-default" onclick="go(+1)" style = "margin-right : 20px">
----
== Inline Event Handler
Line: 38
----
<input type="checkbox" id="onlySucces" class="css-checkbox lrg" style="padding-left:5px" onclick="onlySuccesClicked()"/>
----
Solutions
https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers
