Menu
I tried to add this in Jenkins Script Console, but it didn't help:
"-Dhudson.model.DirectoryBrowserSupport.CSP=default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';"
How to do this? Or what is wrong?
267
Security Architecture of Jenkins The key components of this mechanism are the followings: Permission, which represents an activity that requires a security privilege. This is usually a verb, like "configure", "administer", "tag", etc. Authentication , which represents the current user and roles (AKA groups) he/she has.
You posted the start parameter for java. If you would like to test it inside the console try this:
System.setProperty("hudson.model.DirectoryBrowserSupport.CSP", "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';")
If you want to change the property for every start, you can add:
-Dhudson.model.DirectoryBrowserSupport.CSP="default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';"
to your start parameter, so that it might look like:
java -Dhudson.model.DirectoryBrowserSupport.CSP="default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';" -jar jenkins.war
If you need further informations, you can take a look at JENKINS Configuring Content Security Policy
170
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
