[github-branch-source] CSP violation reported when organization folder avatar is enabled

This issue is archived. You can view it, but you can't modify it. Learn more

XMLWordPrintable

      With Jenkins 2.486 and the most recent releases of plugins, a CSP violation is reported when I configure a GitHub organization folder like https://github.com/MarkEWaite and enable avatar.

      Configuration page looks like:

      The CSP violation report looks like this:

      11/26/24 8:57:15 PM Mark Waite jenkins.branch.OrganizationFolderViewHolder$ViewImpl (Branch API Plugin) img-src https://avatars.githubusercontent.com/u/156685?v=4&s=48
      11/26/24 8:57:16 PM Mark Waite hudson.model.AllView img-src https://avatars.githubusercontent.com/u/156685?v=4&s=32

      I'm not sure if the problem is in the GitHub Branch Source plugin or the SCM API plugin.

        1. github-branch-source-csp-violation.png
          github-branch-source-csp-violation.png
          78 kB

            Assignee:
            Unassigned
            Reporter:
            Mark Waite
            Archiver:
            Jenkins Service Account

              Created:
              Updated:
              Archived: