[JENKINS-74644] [inedo-buildmaster] Extract inline script block and event handler in WEB-INF/classes/com/inedo/buildmaster/jenkins/BuildMasterReleaseParameterDefinition/index.jelly

Type: Task
Resolution: Unresolved
Priority: Minor
Component/s: inedo-buildmaster-plugin
Labels:
- CSP

Similar Issues:
Powered by SuggestiMate

Show
Epic Link:
CSP compatibility for Jenkins plugins

Problems

== Inline Script Block
Line: 68
----
<script type="text/javascript">
        var jenkinsProxy = <st:bind value="${it}"/>;

	    function refreshReleases(el) {
	        var applicationId = el.value;

            console.log('Calling getReleases for applicationId %s...', applicationId);

            this.jenkinsProxy.getReleases(applicationId, function (t) {
                var releases = t.responseText;
                var releaseEl = el.parentElement.querySelector("select[name='releaseNumber']");

                console.log('returned %s', releases);
                var data = JSON.parse(releases);

                while (releaseEl.options.length > 0) {
                    releaseEl.remove(releaseEl.options.length - 1);
                }

                for (i = 0; i &lt; data.length; i++)
                {
                    var opt = document.createElement('option');

                    opt.text = data[i];
                    opt.value = data[i];

                    releaseEl.add(opt, null);
                }
            });
        }
	</script>
----

== Inline Event Handler
Line: 41
----
<select name="applicationId" onchange="refreshReleases(this);">
----

Solutions

https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers

Basil Crow created issue - 2024-10-24 00:20

Basil Crow made changes - 2024-10-24 00:49

Assignee

Original: Andrew Sumner [ andrewsumner ]

Basil Crow made changes - 2024-10-24 15:40

Description	Original: h4. Problems {noformat} == Inline Event Handler Line: 41 ---- <select name="applicationId" onchange="refreshReleases(this);"> ---- == Inline Script Block Line: 68 ---- <script type="text/javascript"> var jenkinsProxy = <st:bind value="${it}"/>; function refreshReleases(el) { var applicationId = el.value; console.log('Calling getReleases for applicationId %s...', applicationId); this.jenkinsProxy.getReleases(applicationId, function (t) { var releases = t.responseText; var releaseEl = el.parentElement.querySelector("select[name='releaseNumber']"); console.log('returned %s', releases); var data = JSON.parse(releases); while (releaseEl.options.length > 0) { releaseEl.remove(releaseEl.options.length - 1); } for (i = 0; i < data.length; i++) { var opt = document.createElement('option'); opt.text = data[i]; opt.value = data[i]; releaseEl.add(opt, null); } }); } </script> ---- == Inline Event Handler Line: 41 ---- <select name="applicationId" onchange="refreshReleases(this);"> ---- == Inline Script Block Line: 68 ---- <script type="text/javascript"> var jenkinsProxy = <st:bind value="${it}"/>; function refreshReleases(el) { var applicationId = el.value; console.log('Calling getReleases for applicationId %s...', applicationId); this.jenkinsProxy.getReleases(applicationId, function (t) { var releases = t.responseText; var releaseEl = el.parentElement.querySelector("select[name='releaseNumber']"); console.log('returned %s', releases); var data = JSON.parse(releases); while (releaseEl.options.length > 0) { releaseEl.remove(releaseEl.options.length - 1); } for (i = 0; i < data.length; i++) { var opt = document.createElement('option'); opt.text = data[i]; opt.value = data[i]; releaseEl.add(opt, null); } }); } </script> ---- {noformat} h4. Solutions [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks] [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]	New: h4. Problems {noformat} == Inline Script Block Line: 68 ---- <script type="text/javascript"> var jenkinsProxy = <st:bind value="${it}"/>; function refreshReleases(el) { var applicationId = el.value; console.log('Calling getReleases for applicationId %s...', applicationId); this.jenkinsProxy.getReleases(applicationId, function (t) { var releases = t.responseText; var releaseEl = el.parentElement.querySelector("select[name='releaseNumber']"); console.log('returned %s', releases); var data = JSON.parse(releases); while (releaseEl.options.length > 0) { releaseEl.remove(releaseEl.options.length - 1); } for (i = 0; i < data.length; i++) { var opt = document.createElement('option'); opt.text = data[i]; opt.value = data[i]; releaseEl.add(opt, null); } }); } </script> ---- == Inline Event Handler Line: 41 ---- <select name="applicationId" onchange="refreshReleases(this);"> ---- {noformat} h4. Solutions [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks] [https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers]
Summary	Original: [inedo-buildmaster] Extract inline script blocks and event handlers in WEB-INF/classes/com/inedo/buildmaster/jenkins/BuildMasterReleaseParameterDefinition/index.jelly	New: [inedo-buildmaster] Extract inline script block and event handler in WEB-INF/classes/com/inedo/buildmaster/jenkins/BuildMasterReleaseParameterDefinition/index.jelly

Jenkins

Details

Description

Problems

Solutions

Attachments

Activity

People

Dates