-
Task
-
Resolution: Unresolved
-
Minor
Note
While testing this plugin, evaluate whether the third-party libraries in src/main/webapp/scripts are compatible with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.
Problem
== Inline Script Block (Java) File: hudson/plugins/collabnet/auth/CNAuthenticationEntryPoint.java Line: 57 ---- <script>window.location.replace('%1$s');</script> ----
Solution
https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
[JENKINS-74743] [collabnet] Extract inline script block in CNAuthenticationEntryPoint
Description |
Original:
h4. Problem {noformat} == Inline Script Block (Java) File: hudson/plugins/collabnet/auth/CNAuthenticationEntryPoint.java Line: 57 ---- <script>window.location.replace('%1$s');</script> ---- {noformat} h4. Solution [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks] |
New:
h1. Note
*While testing this plugin, evaluate whether the third-party libraries in {{src/main/webapp/scripts are compatible}} with CSP in restrictive mode. The plugin may need to be upgraded from jQuery 1.x to 3.x to fully function in CSP restrictive mode.* h4. Problem {noformat} == Inline Script Block (Java) File: hudson/plugins/collabnet/auth/CNAuthenticationEntryPoint.java Line: 57 ---- <script>window.location.replace('%1$s');</script> ---- {noformat} h4. Solution [https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks] |