Content Security Policy

Warning
Jenkins is currently (version 2.390) not ready for this plugin to be used to enforce Content-Security-Policy for most resources in production environments. Many features, both in core and plugins, will stop working with the default rule set. At this time, this plugin is a utility for Jenkins developers, not for Jenkins administrators.

Introduction

This plugin implements Content-Security-Policy protection for the classic Jenkins UI.

Getting started

Install this plugin to have basic reporting of Content-Security-Policy violations in Jenkins: A new link Content Security Policy Reports on the Manage Jenkins page allows administrators to review reported policy violations.

Rules can be configured on the Configure Global Security configuration screen.

Issues

Report issues and enhancements in the Jenkins issue tracker.

Contributing

Refer to our contribution guidelines.

LICENSE

Licensed under MIT, see LICENSE.

Version: 1.2
Released:
Requires Jenkins 2.361.4
ID: csp
Installed on 0.031% of instances
View detailed version information
Links
GitHub
Open issues (Jira)
Report an issue (Jira)
Javadoc
Labels
This plugin has no labels
Maintainers
Daniel Beck
Help us improve this page!
To propose a change submit a pull request to the plugin page on GitHub.