I have try to update to the latest Jenkins version 1.653, I try to run the
following script console:
System.getProperty("hudson.model.DirectoryBrowserSupport.CSP")
Here's the return value:
Result: sandbox 'allow-scripts'; script-src 'self' 'unsafe-inline'
'unsafe-eval'; img-src *;
I still cannot access the web content and I get the same error as if
allow-scripts is not
On Friday, March 18, 2016 at 10:26:17 AM UTC-4, [email protected] wrote:
>
> I'm running into the same problem under Windows, I try to add the Prolicy
> and restart the server, but it seem to be ignored. Here's what I did inside
> the "jenkins.xml"
>
> <arguments>-Xrs -Xmx1024m
> *-Dhudson.model.DirectoryBrowserSupport.CSP="sandbox
> allow-scripts; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src *;"*
> -Dhudson.lifecycle=hudson.lifecycle.WindowsServiceLifecycle -jar
> "%BASE%\jenkins.war" --httpPort=8081 --prefix=/Jenkins</arguments>
>
> There's no error into the error log but the web still tell me the
> because the document's frame is sandboxed and the 'allow-scripts'
> permission is not
>
> I guess I have some syntax error or using the wrong format. Anybody have
> any tips?
> BTW, the page:
>
> https://wiki.jenkins-ci.org/display/JENKINS/Configuring+Content+Security+Policy
>
> <https://wiki.jenkins-ci.org/display/JENKINS/Configuring+Content+Security+Policy>
> is great to know what the problems is, but it totaly lack clarity to where
> to set those policy. Why is this not part of the Manage jenkins interfaces?
> why can't we set this per project?
>
> Thanks,
> Jerome
>
> On Tuesday, January 12, 2016 at 9:17:13 AM UTC-5, Daniel Beck wrote:
>>
>> Does it work when you set it via the script console as described on
>> https://wiki.jenkins-ci.org/display/JENKINS/Configuring+Content+Security+Policy
>>
>> ?
>>
>> Note that setting it in the XML file requires a Jenkins restart via the
>> Control Panel/services.msc to be effective.
>>
>> On 11.01.2016, at 19:13, [email protected] wrote:
>>
>> >
>> > Hello all,
>> >
>> >
>> > i am currently using Jenkins ver. 1.643 . I tried work around of
>> adding below highlighted to jenkins.xml suggested in the internet but didnt
>> work for me. Could someone please suggest me on this error.
>> >
>> >
>> > In windows based Jenkins we have service for stop/start .
>> >
>> > I assumed below is the place where it is taking the arguments i have
>> added those to Jenkins.xml. here is complete xml. please let me know if i
>> am adding at wrong place.
>> >
>> > <service>
>> > <id>jenkins</id>
>> > <name>Jenkins</name>
>> > <description>This service runs Jenkins continuous integration
>> system.</description>
>> > <env name="JENKINS_HOME" value="%BASE%"/>
>> > <!--
>> > if you'd like to run Jenkins with a specific version of Java,
>> specify a full path to java.exe.
>> > The following value assumes that you have java in your PATH.
>> > -->
>> > <executable>%BASE%\jre\bin\java</executable>
>> > <arguments>-Xrs -Xmx256m -Dhudson.model.DirectoryBrowserSupport.CSP=
>> -Dhudson.lifecycle=hudson.lifecycle.WindowsServiceLifecycle -jar
>> "%BASE%\jenkins.war" --httpPort=8080</arguments>
>> > <!--
>> > interactive flag causes the empty black Java window to be
>> displayed.
>> > I'm still debugging this.
>> > <interactive />
>> > -->
>> > <logmode>rotate</logmode>
>> >
>> > <onfailure action="restart" />
>> > </service>
>> >
>> >
>> >
>> > Errors:
>> >
>> > Opening Robot Framework report failed
>> >
>> > • Verify that you have JavaScript enabled in your browser.
>> > • Make sure you are using a modern enough browser. Firefox 3.5,
>> IE 8, or equivalent is required, newer browsers are recommended.
>> > • Check are there messages in your browser's JavaScript error
>> log. Please report the problem if you suspect you have encountered a bug.
>> > - show quoted text -
>> >
>> > --
>> > You received this message because you are subscribed to the Google
>> Groups "Jenkins Users" group.
>> > To unsubscribe from this group and stop receiving emails from it, send
>> an email to [email protected].
>> > To view this discussion on the web visit
>> https://groups.google.com/d/msgid/jenkinsci-users/70e74d95-e609-4471-abd4-626e0d76a4a5%40googlegroups.com.
>>
>>
>> > For more options, visit https://groups.google.com/d/optout.
>>
>>
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/e51483db-569a-414d-9188-f58de1e5329c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
