Security tweak required for BDD error report image display on Jenkins 2.7.2
Ref: https://content-security-policy.com/ and https://wiki.jenkins-ci.org/display/JENKINS/Configuring+Content+Security+Policy
Follow one of the URL's below, logging in to Jenkins with user that has admin rights:-
Jenkins URL (AWS EC2) : http://ec2-52-17-13-23.eu-west-1.compute.amazonaws.com:9090/script
Jenkins URL (Azure VM) : https://build-hee.transformcloud.net/jenkins/script
System.setProperty(hudson.model.DirectoryBrowserSupport.class.getName() + ".CSP", "script-src 'unsafe-inline' 'self';")
System.setProperty("jenkins.model.DirectoryBrowserSupport.CSP", "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';")
NOTE : The web browser refresh does not always reload the page with the new relaxed rules due to caching. To be sure this doesn't happen it's advised to restart your browser.
If this needs to be reset to default (more secure) the run the following command : System.clearProperty("hudson.model.DirectoryBrowserSupport.CSP")
0 Comments