-
Type:
Task
-
Resolution: Unresolved
-
Priority:
Minor
-
Component/s: clif-performance-testing-plugin
Note
While testing this plugin, evaluate whether the third-party libraries in src/main/webapp are compatible with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.
Problems
== Legacy checkUrl
Line: 8
----
checkUrl="'${rootURL}/publisher/ClifPublisher/checkClifReportDirectory?value='+escape(this.value)"
----
== Legacy checkUrl
Line: 65
----
checkUrl="'${rootURL}/publisher/ClifPublisher/checkMinTimestamp?value='+escape(this.value)"
----
== Legacy checkUrl
Line: 70
----
checkUrl="'${rootURL}/publisher/ClifPublisher/checkMaxTimestamp?value='+escape(this.value)"
----
== Legacy checkUrl
Line: 83
----
checkUrl="'${rootURL}/publisher/ClifPublisher/checkKeepFactor?value='+escape(this.value)"
----
== Legacy checkUrl
Line: 89
----
checkUrl="'${rootURL}/publisher/ClifPublisher/checkKeepPercentage?value='+escape(this.value)"
----
== Legacy checkUrl
Line: 100
----
checkUrl="'${rootURL}/publisher/ClifPublisher/checkChartWidth?value='+escape(this.value)"
----
== Legacy checkUrl
Line: 106
----
checkUrl="'${rootURL}/publisher/ClifPublisher/checkChartHeight?value='+escape(this.value)"
----
== Legacy checkUrl
Line: 112
----
checkUrl="'${rootURL}/publisher/ClifPublisher/checkDistributionSliceSize?value='+escape(this.value)"
----
== Legacy checkUrl
Line: 117
----
checkUrl="'${rootURL}/publisher/ClifPublisher/checkDistributionSliceNumber?value='+escape(this.value)"
----
== Legacy checkUrl
Line: 123
----
checkUrl="'${rootURL}/publisher/ClifPublisher/checkStatisticalPeriod?value='+escape(this.value)"
----
Solution
https://www.jenkins.io/doc/developer/security/csp/#legacy-javascript-checkurl-validation
