[github-branch-source] CSP violation reported when organization folder avatar is enabled

XMLWordPrintable

      With Jenkins 2.486 and the most recent releases of plugins, a CSP violation is reported when I configure a GitHub organization folder like https://github.com/MarkEWaite and enable avatar.

      Configuration page looks like:

      The CSP violation report looks like this:

      11/26/24 8:57:15 PM Mark Waite jenkins.branch.OrganizationFolderViewHolder$ViewImpl (Branch API Plugin) img-src https://avatars.githubusercontent.com/u/156685?v=4&s=48
      11/26/24 8:57:16 PM Mark Waite hudson.model.AllView img-src https://avatars.githubusercontent.com/u/156685?v=4&s=32

      I'm not sure if the problem is in the GitHub Branch Source plugin or the SCM API plugin.

        1. github-branch-source-csp-violation.png
          github-branch-source-csp-violation.png
          78 kB

            Assignee:
            Unassigned
            Reporter:
            Mark Waite
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: