Jenkins builds pull requests sent by untrusted users, or employ a security model that limits trust in users allowed to configure one or more jobs, this also ...
Sep 7, 2021 · 3 introduce the Content-Security-Policy header to static files served by Jenkins (specifically DirectoryBrowserSupport ). This header is set to ...
This guide documents how to identify components that will be incompatible with CSP rules and how to write and adapt UI code in a manner that is expected to be ...
Feb 10, 2023 · This plugin implements Content-Security-Policy protection for ... Rules can be configured on the Configure Global Security configuration screen.
As an alternative to relaxing Content-Security-Policy , administrators can configure Jenkins to serve files from potentially less trusted sources from a ...
Jul 27, 2016 · Jenkins 1.641 and 1.625.3 introduced Content-Security-Policy HTTP headers as protection against Cross-Site Scripting attacks using workspace ...
Mar 26, 2018 · Description: Jenkins 1.641 and 1.625.3 introduced Content-Security-Policy HTTP headers as protection against Cross-Site Scripting attacks using ...
Mar 25, 2020 · See Configuring Content Security Policy to learn more. Even when Jenkins is configured to serve files in workspaces and archived artifacts ...
Mar 19, 2024 · For details, see Configuring Content Security Policy and Jenkins Security Advisory .