[JENKINS-74890] [log-parser] CSP compliance for LogParserWriter

Type: Bug
Resolution: Fixed
Priority: Minor
Component/s: log-parser-plugin
Labels:
- CSP

Similar Issues:
Powered by SuggestiMate

Show
Epic Link:
CSP compatibility for Jenkins plugins
Released As:
2.3.6

Problems

== Inline Script Block (Java)
File: ./src/main/java/hudson/plugins/logparser/LogParserWriter.java
Line: 53
----
<script type=\"text/javascript\">\n"
                + "\tfunction toggleList(list){\n"
                + "\t\telement = document.getElementById(list).style;\n"
                + "\t\telement.display == 'none' ? element.display='block' : element.display='none';\n"
                + "\t}\n" + "</script>
----

== Javascript scheme (Java)
File: ./src/main/java/hudson/plugins/logparser/LogParserWriter.java
Line: 126
----
"<a href=\"javascript:toggleList('"
----

Solutions

https://www.jenkins.io/doc/developer/security/csp/

links to

jenkinsci/log-parser-plugin/pull/135

Basil Crow added a comment - 2024-11-20 17:22

Once the fix for this issue is merged and released, the workaround added in https://github.com/jenkinsci/acceptance-test-harness/issues/1841 should be reverted.

Basil Crow added a comment - 2024-11-20 17:22 Once the fix for this issue is merged and released, the workaround added in https://github.com/jenkinsci/acceptance-test-harness/issues/1841 should be reverted.

Assignee:: Yaroslav Afenkin

Reporter:: Basil Crow

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2024-11-20 17:16

Updated:: 2024-11-25 18:41

Resolved:: 2024-11-25 08:56

Details

Description

Problems

Solutions

Attachments

Issue Links

Activity

Collapse comment: Basil Crow added a comment - 2024-11-20 17:22

Expand comment: Basil Crow added a comment - 2024-11-20 17:22

People

Dates