[JENKINS-74347] [checkmarx-ast-scanner] Extract inline script block and event handler in com/checkmarx/jenkins/CheckmarxScanBuilder/config.jelly #408
Description
Problems
== Inline Script Block
Line: 24
----
<script>
function toggleGlobalArguments(link) {
let textArea = link.nextElementSibling
if (textArea.type !== "textarea") {
throw "Element is not textarea!"
}
let hidden = textArea.style.display === "none"
textArea.style.display = hidden ? "" : "none"
link.innerText = (hidden ? "Hide" : "Show") + " global arguments"
}
</script>
----
== Inline Event Handler
Line: 120
----
<a href="#" onclick="toggleGlobalArguments(this); return false;">
----
Solutions
https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks
https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers
Originally reported by basil, imported from: [checkmarx-ast-scanner] Extract inline script block and event handler in com/checkmarx/jenkins/CheckmarxScanBuilder/config.jelly
- status: Open
- priority: Minor
- component(s): _unsorted
- label(s): CSP
- resolution: Unresolved
- votes: 0
- watchers: 1
- imported: 2025-12-08
Raw content of original issue
Problems
== Inline Script Block Line: 24 ---- <script> function toggleGlobalArguments(link) { let textArea = link.nextElementSibling if (textArea.type !== "textarea") { throw "Element is not textarea!" } let hidden = textArea.style.display === "none" textArea.style.display = hidden ? "" : "none" link.innerText = (hidden ? "Hide" : "Show") + " global arguments" } </script> ---- == Inline Event Handler Line: 120 ---- <a href="#" onclick="toggleGlobalArguments(this); return false;"> ----Solutions
https://www.jenkins.io/doc/developer/security/csp/#inline-javascript-blocks https://www.jenkins.io/doc/developer/security/csp/#inline-event-handlers