Branch: refs/heads/master
Home: https://github.com/jenkinsci/role-strategy-plugin
Commit: be9f68eb045be4669a9ef2446052371050c155b3
https://github.com/jenkinsci/role-strategy-plugin/commit/be9f68eb045be4669a9ef2446052371050c155b3
Author: Markus Winter <m.win...@sap.com>
Date: 2022-07-03 (Sun, 03 Jul 2022)
Changed paths:
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/assign-agent-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/assign-global-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/assign-project-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/assign-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/manage-agent-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/manage-global-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/manage-project-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/manage-roles.jelly
M src/main/webapp/js/table.js
Log Message:
-----------
[JENKINS-68870] properly escape tooltip texts
after adding a new role/user the tooltips when hovering over the
checkboxes where not properly escaped which is a potential XSS.
But it applies only to admin so no real security risk.
Also fixes JENKINS-55414 where patterns were double escaped without
need.
Commit: 1ccebbe3e59f356aa0fabec2427ab8cde1d0810f
https://github.com/jenkinsci/role-strategy-plugin/commit/1ccebbe3e59f356aa0fabec2427ab8cde1d0810f
Author: Markus Winter <m.win...@sap.com>
Date: 2022-07-03 (Sun, 03 Jul 2022)
Changed paths:
M src/main/webapp/js/table.js
Log Message:
-----------
also escape >
Commit: 859673312a1438c879effe930b68ea2b751c67e8
https://github.com/jenkinsci/role-strategy-plugin/commit/859673312a1438c879effe930b68ea2b751c67e8
Author: Markus Winter <m.win...@sap.com>
Date: 2022-07-03 (Sun, 03 Jul 2022)
Changed paths:
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/assign-agent-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/assign-global-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/assign-project-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/assign-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/manage-agent-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/manage-global-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/manage-project-roles.jelly
M
src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/RoleStrategyConfig/manage-roles.jelly
M src/main/webapp/js/table.js
Log Message:
-----------
Merge pull request #201 from mawinter69/JENKINS-68870
[JENKINS-68870] properly escape tooltip texts
Compare:
https://github.com/jenkinsci/role-strategy-plugin/compare/18a75e1ea14b...859673312a14
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-commits+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/role-strategy-plugin/push/refs/heads/master/18a75e-859673%40github.com.
