Jenkins Content Security Policy

后端未结

关注

 6  1102

逝去的感伤 2020-12-04 16:00

I\'m confused about Jenkins Content Security Policy.

I know these sites:

Configuring Content Security Policy
Content Security Policy Reference

6条回答

情话喂你 (楼主)

2020-12-04 16:30

To add more to the @Kirill's answer ...

If jenkins is deployed in tomcat container, set the CATALINA_OPTS environment value in setenv.sh file ( Present in ${CATALINA_BASE}/bin Folder ) as highlighted below:-

export CATALINA_OPTS="-Xmx2048m -Xms2048m -XX:MaxNewSize=768m -XX:-HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=${CATALINA_BASE}/logs/java.hprof -XX:ParallelGCThreads=2 -XX:-UseConcMarkSweepGC -Dcom.sun.management.jmxremote -Dhudson.model.DirectoryBrowserSupport.CSP=\"\"

export CATALINA_OPTS="-Xmx2048m -Xms2048m -XX:MaxNewSize=768m -XX:-HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/software/jenkins/tomcat_jenkins/logs/java.hprof -XX:ParallelGCThreads=2 -XX:-UseConcMarkSweepGC -Dcom.sun.management.jmxremote -Dhudson.model.DirectoryBrowserSupport.CSP=\"sandbox allow-scripts; default-src 'self'; script-src *; 'unsafe-eval'; img-src *; style-src *; 'unsafe-inline'; font-src *;\

After Changing the above file, restart the tomcat. It worked like charm to me. Hope it helps :)

Note:- CSP is only applicable for the plugins like HTML publisher, maven plugin . It didn't work for email html file.

0 讨论(0)

查看其它6个回答