The links on this page no longer work, we've moved to Azure and are going to add a reverse proxy server to avoid having to expose ports on the hosts.
Security tweak required for BDD error report image display on Jenkins 2.7.2
Ref: https://content-security-policy.com/ and https://wiki.jenkins-ci.org/display/JENKINS/Configuring+Content+Security+Policy
Follow one of the URL's below, logging in to Jenkins with user that has admin rights:-
Jenkins URL (AWS EC2) : http://ec2-52-17-13-23.eu-west-1.compute.amazonaws.com:9090/script
Jenkins URL (Azure VM) : https://build-hee.transformcloud.net/jenkins/script
System.setProperty(hudson.model.DirectoryBrowserSupport.class.getName() + ".CSP", "script-src 'unsafe-inline' 'self';")
System.setProperty("jenkins.model.DirectoryBrowserSupport.CSP", "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';")
NOTE : The web browser refresh does not always reload the page with the new relaxed rules due to caching. To be sure this doesn't happen it's advised to restart your browser.
If this needs to be reset to default (more secure) the run the following command : System.clearProperty("hudson.model.DirectoryBrowserSupport.CSP")
0 Comments