• Type: Bug
• Resolution: Fixed
• Priority: Minor
• Component/s: log-parser-plugin
• Labels:

  • CSP

[JENKINS-74890] [log-parser] CSP compliance for LogParserWriter

Basil Crow created issue - 2024-11-20 17:16

Collapse comment: Basil Crow added a comment - 2024-11-20 17:22

Basil Crow added a comment - 2024-11-20 17:22

Once the fix for this issue is merged and released, the workaround added in https://github.com/jenkinsci/acceptance-test-harness/issues/1841 should be reverted.

Expand comment: Basil Crow added a comment - 2024-11-20 17:22

Basil Crow added a comment - 2024-11-20 17:22 Once the fix for this issue is merged and released, the workaround added in https://github.com/jenkinsci/acceptance-test-harness/issues/1841 should be reverted.

Basil Crow made changes - 2024-11-20 17:22

Assignee

Original: Martin Reinhardt [ mreinhardt ]

Basil Crow made changes - 2024-11-20 17:23

Description

Original: {noformat} == Inline Script Block (Java) File: ./src/main/java/hudson/plugins/logparser/LogParserWriter.java Line: 53 ---- <script type=\"text/javascript\">\n"                 + "\tfunction toggleList(list){\n"                 + "\t\telement = document.getElementById(list).style;\n"                 + "\t\telement.display == 'none' ? element.display='block' : element.display='none';\n"                 + "\t}\n" + "</script> ---- == Javascript scheme (Java) File: ./src/main/java/hudson/plugins/logparser/LogParserWriter.java Line: 126 ---- "<a href=\"javascript:toggleList('" ---- {noformat}

New: h3. Problems {noformat} == Inline Script Block (Java) File: ./src/main/java/hudson/plugins/logparser/LogParserWriter.java Line: 53 ---- <script type=\"text/javascript\">\n"                 + "\tfunction toggleList(list){\n"                 + "\t\telement = document.getElementById(list).style;\n"                 + "\t\telement.display == 'none' ? element.display='block' : element.display='none';\n"                 + "\t}\n" + "</script> ---- == Javascript scheme (Java) File: ./src/main/java/hudson/plugins/logparser/LogParserWriter.java Line: 126 ---- "<a href=\"javascript:toggleList('" ---- {noformat} h3. Solutions [https://www.jenkins.io/doc/developer/security/csp/]

Basil Crow made changes - 2024-11-20 18:43

Summary

Original: [log parser] CSP compliance for LogParserWriter

New: [log-parser] CSP compliance for LogParserWriter

Yaroslav Afenkin made changes - 2024-11-22 12:00

Assignee

New: Yaroslav Afenkin [ yafenkin ]

Yaroslav Afenkin made changes - 2024-11-22 12:00

Status

Original: Open [ 1 ]

New: In Progress [ 3 ]

Yaroslav Afenkin made changes - 2024-11-22 15:03

Status

Original: In Progress [ 3 ]

New: In Review [ 10005 ]

Yaroslav Afenkin made changes - 2024-11-22 15:03

Remote Link

New: This issue links to "jenkinsci/log-parser-plugin/pull/135 (Web Link)" [ 30251 ]

Yaroslav Afenkin made changes - 2024-11-25 08:56

Resolution		New: Fixed [ 1 ]
Status	Original: In Review [ 10005 ]	New: Fixed but Unreleased [ 10203 ]

Load more newer events