Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-74542

[benchmark-evaluator] Extract inline script block and event handlers in io/jenkins/plugins/benchmark/BenchmarkResultAction/index.jelly

XMLWordPrintable

      Note

      While testing this plugin, evaluate whether the third-party libraries in src/main/webapp are compatible with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.

      Problems

      == Inline Script Block
Line: 12
----
<script>
				var jQ = jQuery.noConflict(true);
				var backend =
				<st:bind value="${it}" />
				${it.getAllInformations()};
				var columnsNames = ['${%BuildNr}','${%value}','${%min_value}','${%max_value}','${%change}','${%min_change}','${%max_change}'];
				var axisNames = ['${%change}'];
				var language = '${%language}';
				var statNames = {'avg':'${%avg}','var':'${%var}','min':'${%min}','max':'${%max}'};
				
				function formatNumber(input){
					return (input.toFixed(2)+"").replace('.', '${%seperator}');
				}

			</script>
----

== Inline Event Handler
Line: 33
----
<button id="leftButton" type="button" class="btn btn-default" style="margin-left:2px;" onclick="go(-1)">
----

== Inline Event Handler
Line: 34
----
<button id="zoomInButton" type="button" class="btn btn-default" onclick="zoom()">
----

== Inline Event Handler
Line: 35
----
<button id="zoomOutButton" type="button" class="btn btn-default" onclick="zoom(false)">
----

== Inline Event Handler
Line: 36
----
<input id="searchField" type="text" class="form-control" style="width:10%;display:initial;vertical-align: middle;" placeholder="${%search}..." onkeyup="filter()">
----

== Inline Event Handler
Line: 37
----
<button id="rightButton" type="button" class="btn btn-default" onclick="go(+1)" style = "margin-right : 20px">
----

== Inline Event Handler
Line: 38
----
<input type="checkbox" id="onlySucces" class="css-checkbox lrg" style="padding-left:5px" onclick="onlySuccesClicked()"/>
----

      Solutions

      https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
      https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers

          [JENKINS-74542] [benchmark-evaluator] Extract inline script block and event handlers in io/jenkins/plugins/benchmark/BenchmarkResultAction/index.jelly

          Basil Crow created issue -
          Basil Crow made changes -
          Assignee Original: Fabian Lehmann [ lehmann_fabian ]
          Basil Crow made changes -
          Description Original: h4. Problems

          {noformat}
          == Inline Event Handler
          Line: 33
          ----
          <button id="leftButton" type="button" class="btn btn-default" style="margin-left:2px;" onclick="go(-1)">
          ----

          == Inline Event Handler
          Line: 34
          ----
          <button id="zoomInButton" type="button" class="btn btn-default" onclick="zoom()">
          ----

          == Inline Event Handler
          Line: 35
          ----
          <button id="zoomOutButton" type="button" class="btn btn-default" onclick="zoom(false)">
          ----

          == Inline Event Handler
          Line: 36
          ----
          <input id="searchField" type="text" class="form-control" style="width:10%;display:initial;vertical-align: middle;" placeholder="${%search}..." onkeyup="filter()">
          ----

          == Inline Event Handler
          Line: 37
          ----
          <button id="rightButton" type="button" class="btn btn-default" onclick="go(+1)" style = "margin-right : 20px">
          ----

          == Inline Event Handler
          Line: 38
          ----
          <input type="checkbox" id="onlySucces" class="css-checkbox lrg" style="padding-left:5px" onclick="onlySuccesClicked()"/>
          ----

          == Inline Script Block
          Line: 12
          ----
          <script>
          var jQ = jQuery.noConflict(true);
          var backend =
          <st:bind value="${it}" />
          ${it.getAllInformations()};
          var columnsNames = ['${%BuildNr}','${%value}','${%min_value}','${%max_value}','${%change}','${%min_change}','${%max_change}'];
          var axisNames = ['${%change}'];
          var language = '${%language}';
          var statNames = {'avg':'${%avg}','var':'${%var}','min':'${%min}','max':'${%max}'};

          function formatNumber(input){
          return (input.toFixed(2)+"").replace('.', '${%seperator}');
          }

          </script>
          ----

          == Inline Event Handler
          Line: 33
          ----
          <button id="leftButton" type="button" class="btn btn-default" style="margin-left:2px;" onclick="go(-1)">
          ----

          == Inline Event Handler
          Line: 34
          ----
          <button id="zoomInButton" type="button" class="btn btn-default" onclick="zoom()">
          ----

          == Inline Event Handler
          Line: 35
          ----
          <button id="zoomOutButton" type="button" class="btn btn-default" onclick="zoom(false)">
          ----

          == Inline Event Handler
          Line: 36
          ----
          <input id="searchField" type="text" class="form-control" style="width:10%;display:initial;vertical-align: middle;" placeholder="${%search}..." onkeyup="filter()">
          ----

          == Inline Event Handler
          Line: 37
          ----
          <button id="rightButton" type="button" class="btn btn-default" onclick="go(+1)" style = "margin-right : 20px">
          ----

          == Inline Event Handler
          Line: 38
          ----
          <input type="checkbox" id="onlySucces" class="css-checkbox lrg" style="padding-left:5px" onclick="onlySuccesClicked()"/>
          ----

          == Inline Script Block
          Line: 12
          ----
          <script>
          var jQ = jQuery.noConflict(true);
          var backend =
          <st:bind value="${it}" />
          ${it.getAllInformations()};
          var columnsNames = ['${%BuildNr}','${%value}','${%min_value}','${%max_value}','${%change}','${%min_change}','${%max_change}'];
          var axisNames = ['${%change}'];
          var language = '${%language}';
          var statNames = {'avg':'${%avg}','var':'${%var}','min':'${%min}','max':'${%max}'};

          function formatNumber(input){
          return (input.toFixed(2)+"").replace('.', '${%seperator}');
          }

          </script>
          ----
          {noformat}

          h4. Solutions

          [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks]
          [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]
          		 New: h4. Problems

          {noformat}
          == Inline Script Block
          Line: 12
          ----
          <script>
          var jQ = jQuery.noConflict(true);
          var backend =
          <st:bind value="${it}" />
          ${it.getAllInformations()};
          var columnsNames = ['${%BuildNr}','${%value}','${%min_value}','${%max_value}','${%change}','${%min_change}','${%max_change}'];
          var axisNames = ['${%change}'];
          var language = '${%language}';
          var statNames = {'avg':'${%avg}','var':'${%var}','min':'${%min}','max':'${%max}'};

          function formatNumber(input){
          return (input.toFixed(2)+"").replace('.', '${%seperator}');
          }

          </script>
          ----

          == Inline Event Handler
          Line: 33
          ----
          <button id="leftButton" type="button" class="btn btn-default" style="margin-left:2px;" onclick="go(-1)">
          ----

          == Inline Event Handler
          Line: 34
          ----
          <button id="zoomInButton" type="button" class="btn btn-default" onclick="zoom()">
          ----

          == Inline Event Handler
          Line: 35
          ----
          <button id="zoomOutButton" type="button" class="btn btn-default" onclick="zoom(false)">
          ----

          == Inline Event Handler
          Line: 36
          ----
          <input id="searchField" type="text" class="form-control" style="width:10%;display:initial;vertical-align: middle;" placeholder="${%search}..." onkeyup="filter()">
          ----

          == Inline Event Handler
          Line: 37
          ----
          <button id="rightButton" type="button" class="btn btn-default" onclick="go(+1)" style = "margin-right : 20px">
          ----

          == Inline Event Handler
          Line: 38
          ----
          <input type="checkbox" id="onlySucces" class="css-checkbox lrg" style="padding-left:5px" onclick="onlySuccesClicked()"/>
          ----
          {noformat}

          h4. Solutions

          [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks]
          [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]
          Summary Original: [benchmark-evaluator] Extract inline script blocks and event handlers in io/jenkins/plugins/benchmark/BenchmarkResultAction/index.jelly New: [benchmark-evaluator] Extract inline script block and event handlers in io/jenkins/plugins/benchmark/BenchmarkResultAction/index.jelly
          Basil Crow made changes -
          Description Original: h4. Problems

          {noformat}
          == Inline Script Block
          Line: 12
          ----
          <script>
          var jQ = jQuery.noConflict(true);
          var backend =
          <st:bind value="${it}" />
          ${it.getAllInformations()};
          var columnsNames = ['${%BuildNr}','${%value}','${%min_value}','${%max_value}','${%change}','${%min_change}','${%max_change}'];
          var axisNames = ['${%change}'];
          var language = '${%language}';
          var statNames = {'avg':'${%avg}','var':'${%var}','min':'${%min}','max':'${%max}'};

          function formatNumber(input){
          return (input.toFixed(2)+"").replace('.', '${%seperator}');
          }

          </script>
          ----

          == Inline Event Handler
          Line: 33
          ----
          <button id="leftButton" type="button" class="btn btn-default" style="margin-left:2px;" onclick="go(-1)">
          ----

          == Inline Event Handler
          Line: 34
          ----
          <button id="zoomInButton" type="button" class="btn btn-default" onclick="zoom()">
          ----

          == Inline Event Handler
          Line: 35
          ----
          <button id="zoomOutButton" type="button" class="btn btn-default" onclick="zoom(false)">
          ----

          == Inline Event Handler
          Line: 36
          ----
          <input id="searchField" type="text" class="form-control" style="width:10%;display:initial;vertical-align: middle;" placeholder="${%search}..." onkeyup="filter()">
          ----

          == Inline Event Handler
          Line: 37
          ----
          <button id="rightButton" type="button" class="btn btn-default" onclick="go(+1)" style = "margin-right : 20px">
          ----

          == Inline Event Handler
          Line: 38
          ----
          <input type="checkbox" id="onlySucces" class="css-checkbox lrg" style="padding-left:5px" onclick="onlySuccesClicked()"/>
          ----
          {noformat}

          h4. Solutions

          [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks]
          [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]
          		 New: h1. Note

          *While testing this plugin, evaluate whether the third-party libraries in {{src/main/webapp}} are compatible with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.*

          h4. Problems

          {noformat}
          == Inline Script Block
          Line: 12
          ----
          <script>
          var jQ = jQuery.noConflict(true);
          var backend =
          <st:bind value="${it}" />
          ${it.getAllInformations()};
          var columnsNames = ['${%BuildNr}','${%value}','${%min_value}','${%max_value}','${%change}','${%min_change}','${%max_change}'];
          var axisNames = ['${%change}'];
          var language = '${%language}';
          var statNames = {'avg':'${%avg}','var':'${%var}','min':'${%min}','max':'${%max}'};

          function formatNumber(input){
          return (input.toFixed(2)+"").replace('.', '${%seperator}');
          }

          </script>
          ----

          == Inline Event Handler
          Line: 33
          ----
          <button id="leftButton" type="button" class="btn btn-default" style="margin-left:2px;" onclick="go(-1)">
          ----

          == Inline Event Handler
          Line: 34
          ----
          <button id="zoomInButton" type="button" class="btn btn-default" onclick="zoom()">
          ----

          == Inline Event Handler
          Line: 35
          ----
          <button id="zoomOutButton" type="button" class="btn btn-default" onclick="zoom(false)">
          ----

          == Inline Event Handler
          Line: 36
          ----
          <input id="searchField" type="text" class="form-control" style="width:10%;display:initial;vertical-align: middle;" placeholder="${%search}..." onkeyup="filter()">
          ----

          == Inline Event Handler
          Line: 37
          ----
          <button id="rightButton" type="button" class="btn btn-default" onclick="go(+1)" style = "margin-right : 20px">
          ----

          == Inline Event Handler
          Line: 38
          ----
          <input type="checkbox" id="onlySucces" class="css-checkbox lrg" style="padding-left:5px" onclick="onlySuccesClicked()"/>
          ----
          {noformat}

          h4. Solutions

          [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks]
          [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]

            Unassigned Unassigned
            basil Basil Crow
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: