Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »


Question: My HTML reports don't render fully when viewed from Jenkins. Why?


Answer: By default, Content Security Policy header is set to a very restrictive default set of permissions to protect Jenkins users from malicious HTML/JS files in workspaces.

Content Security Policy can be relaxed according to these steps: https://wiki.jenkins.io/display/JENKINS/Configuring+Content+Security+Policy.

The following command helps render packager, forecast and deploy HTML reports.

  • In Jenkins, go to "Manage Jenkins"

  • Click on "Script Console"

  • Run the following command:

System.setProperty("hudson.model.DirectoryBrowserSupport.CSP", "img-src 'self' data:;")

However this relaxes the security only temporarily ,to make it permanent:

  • edit the jenkins.xml in $JENKINS_HOME (eg. C:\Program Files\Jenkins) and

  • add -Dhudson.model.DirectoryBrowserSupport.CSP="img-src 'self' data:;" to the <service id="jenkins"><arguments> tag aka

<arguments>-Xrs -Xmx256m -Dhudson.model.DirectoryBrowserSupport.CSP="\"img-src 'self' data:;\"" -Dhudson.lifecycle=hudson.lifecycle.WindowsServiceLifecycle -jar "%BASE%\jenkins.war" --httpPort=8080 --webroot="%BASE%\war"</arguments>

It seems for RedHat, the file to modify is /etc/sysconfig/jenkins and the property is JENKINS_JAVA_OPTIONS.

like this

JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true -Dhudson.model.DirectoryBrowserSupport.CSP=\"img-src 'self' data:;\""

the \" are important so that the java parser parses the values correctly.

  • No labels