Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-16936

Extension point for secure users of Api

    Details

    • Similar Issues:

      Description

      As a security fix, hudson.model.Api no longer permits the jsonp parameter, or xpath with a primitive result set. This is the safest policy but in certain cases it is useful to whitelist particular requesters known to be harmless. The INSECURE system property should be deprecated or deleted and an extension point introduced so various policies can be added by plugins: whitelists based on host name, requests with no Referer, etc.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jglick Jesse Glick
                Reporter:
                jglick Jesse Glick
              • Votes:
                0 Vote for this issue
                Watchers:
                10 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: