Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[JENKINS-73958] remove eval call from js #269

Merged
merged 3 commits into from
Oct 18, 2024
Merged

[JENKINS-73958] remove eval call from js #269

merged 3 commits into from
Oct 18, 2024

Conversation

mawinter69
Copy link
Contributor

Testing done

manual testing

Submitter checklist

  • Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
  • Ensure that the pull request title represents the desired changelog entry
  • Please describe what you did
  • Link to relevant issues in GitHub or Jira
  • Link to relevant pull requests, esp. upstream and downstream changes
  • Ensure you have provided tests - that demonstrates feature works or fixes the issue

@mawinter69 mawinter69 requested a review from a team as a code owner October 17, 2024 19:50
basil
basil reviewed Oct 17, 2024
View reviewed changes
...ugins/authorizeproject/strategy/SpecificUsersAuthorizationStrategy/checkPasswordRequested.js
@@ -74,8 +74,10 @@ Behaviour.specify(".specific-user-authorization", "checkPasswordRequired", 0, fu

var onchange = function(evt) {
var url = useridField.getAttribute("checkPasswordRequestedUrl");
url = eval(url);
fetch(url, {
var params = new URLSearchParams({
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A while back we had problems with URLSearchParams not working in HtmlUnit, so I would feel more comfortable with a PCT run to make sure this won't cause unnecessary hassle in test coverage. An ATH run wouldn't hurt too, but I won't insist on it.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PCT run:

ATH run:

basil
basil approved these changes Oct 17, 2024
View reviewed changes
Copy link
Member

@basil basil left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@basil basil requested a review from MarkEWaite October 17, 2024 21:03
MarkEWaite added a commit to MarkEWaite/bom that referenced this pull request Oct 17, 2024
@MarkEWaite
Test authorize-project CSP fix
ffefd93 
jenkinsci/authorize-project-plugin#269 fixes a
content security policy problem in the plugin.  Let's be sure that the
change does not harm any tests in the plugin BOM.
@MarkEWaite MarkEWaite mentioned this pull request Oct 17, 2024
Closed
6 tasks
MarkEWaite added a commit to MarkEWaite/acceptance-test-harness that referenced this pull request Oct 17, 2024
@MarkEWaite
Test authorize-project CSP fix
d2e2f73 
jenkinsci/authorize-project-plugin#269 is the
pull request.
@MarkEWaite MarkEWaite mentioned this pull request Oct 17, 2024
Closed
6 tasks
@MarkEWaite MarkEWaite added the bug Incorrect or flawed behavior label Oct 17, 2024
@MarkEWaite MarkEWaite merged commit 01036ad into jenkinsci:master Oct 18, 2024
18 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@basil basil basil approved these changes

@MarkEWaite MarkEWaite MarkEWaite approved these changes

Assignees
No one assigned
Labels
bug Incorrect or flawed behavior
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mawinter69 @basil @MarkEWaite