发表新帖
发表新帖

Jenkins Content Security Policy

后端 未结
关注
6 1104
逝去的感伤
逝去的感伤 2020-12-04 16:00

I\'m confused about Jenkins Content Security Policy.

I know these sites:

  • Configuring Content Security Policy
  • Content Security Policy Reference
6条回答
  • 清歌不尽
    清歌不尽 (楼主)
    2020-12-04 16:32

    Just to be clear about setting this CSP property permanently on Jenkins.

    If you are running Jenkins on Ubuntu:

    1. $ vim /etc/default/jenkins
    2. Find the line with JAVA_ARGS and add the CSP policy like this: JAVA_ARGS="-Djava.awt.headless=true -Dhudson.model.DirectoryBrowserSupport.CSP=\"default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src data:;\""

    If you are running Jenkins on CentOS:

    1. $ vim /etc/sysconfig/jenkins
    2. Find the line with JENKINS_JAVA_OPTIONS and add the CSP policy like this: JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true -Dhudson.model.DirectoryBrowserSupport.CSP=\"default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src data:;\""

    Save the file and restart Jenkins. $ sudo service jenkins restart or in your browser http://localhost:8080/safeRestart

    0 讨论(0)
 看不清?
提交回复
热议问题