티스토리 뷰
관련 내용: www.jenkins.io/doc/book/system-administration/security/configuring-content-security-policy/
Configuring Content Security Policy
Jenkins – an open source automation server which enables developers around the world to reliably build, test, and deploy their software
www.jenkins.io
.css 나 .js 요청 시 아래와 같은 메시지가 발생할 경우가 있다.
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-Epaif2cHkSx/K62AHKClT5geuHQeilAdJVvUuNPdcuw='), or a nonce ('nonce-...') is required to enable inline execution.
그럴 경우 이렇게 대처하면 된다.
1. 일시적인 방법
Manage Jenkins -> Script Console
System.clearProperty("hudson.model.DirectoryBrowserSupport.CSP");
System.setProperty("hudson.model.DirectoryBrowserSupport.CSP", "sandbox allow-same-origin allow-scripts; default-src 'self'; script-src * 'unsafe-eval'; img-src *; style-src * 'unsafe-inline'; font-src * data:");
2. 영구적인 방법
JVM Option 추가
java -Dhudson.model.DirectoryBrowserSupport.CSP="sandbox allow-same-origin allow-scripts; default-src 'self'; script-src * 'unsafe-eval'; img-src *; style-src * 'unsafe-inline'; font-src * data:" -jar jenkins.warkb.froglogic.com/squish/integrations/jenkins/content-security-policy-csp-web-report/
Content Security Policy (CSP) for Web Report
Introduction¶ Jenkins 1.641 introduced the Content-Security-Policy (CSP) header to static files served by Jenkins (specifically, DirectoryBrowserSupport). This header is set to a very restrictive default set of permissions to protect Jenkins users from ma
kb.froglogic.com
'DevOps > Jenkins' 카테고리의 다른 글
| Jenkins: 엑세스로그(Access Log) 설정하기 (1) | 2022.12.15 |
|---|---|
| Jenkins: 사용자 테마 설정 (How to apply to theme) (1) | 2022.10.14 |
| Ansible: How to change Locale to English (0) | 2022.10.14 |
| Jenkins: Locale 영어로 변경하기 (0) | 2022.10.14 |
| Jenkins: (Improve Performance) How to search old builds count (0) | 2020.01.07 |
| Jenkins: (성능개선) 각 잡들의 오래된 빌드 개수 조회 (0) | 2020.01.07 |
| Jenkins: " Parameterized Trigger " Plugin (0) | 2019.08.22 |
| Jenkins: InfluxDB Plugin을 사용하여 Job 모니터링하기 (0) | 2019.08.06 |
- Total
- Today
- Yesterday
- vagrant
- DevOps
- JVM
- 쓰레드덤프
- 엔시블
- 젠킨스
- Jenkins
- Password manager
- rsync
- rundeck
- Shell Script
- iTerm2
- groovy
- Docker
- 리눅스
- Nexus
- 데브옵스
- Ansible
- ssl
- 플레이북
- Playbook
- URL Encoding
- 파이프라인
- Linux
- 엔서블
- openssl
- Config History
- nginx
- PostgreSQL
- Thread Dump
| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 |