問題描述
在 Jenkins 中,當訪問測試報告時,頁面無法正常顯示(頁面沒有顯示內容)。瀏覽器控制台顯示如下錯誤消息:
... Refused to frame 'https://jenkins.example.com/' because it violates the following Content Security Policy directive: "default-src 'none'". Note that 'frame-src' was not explicitly set, so 'default-src' is used as a fallback. Blocked script execution in '<URL>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set. ...
軟件版本:Jenkins 2.274 in Docker
解決方案
方案一、放寬規則(不推薦)
在 Script Console 中,執行 System.setProperty("hudson.model.DirectoryBrowserSupport.CSP", "") 腳本,以此來解決問題。
但是該方法放寬規則,官方並不鼓勵該做法。並且我們使用該方法也沒有生效,可能在新版本 Jenkins 中被廢棄。
方案二、Resource Root URL(推薦)
官方推薦的方法:
1)為 Jenkins 服務再綁定新域名(當然要配置 Nginx 指向 Jenkins 服務);
2)並在 Manage Jenkins / Configure System / .. / Resource Root URL 中填寫帶地址;
參考文獻
Configuring Content Security Policy
javascript - Jenkins error - Blocked script execution in <URL>. because the document's frame is sandboxed and the 'allow-scripts' permission is not set - Stack Overflow
html - because the document's frame is sandboxed and the 'allow-scripts' permission is not set - Stack Overflow
javascript - Blocked script execution in because the document's frame is sandboxed - Angular application - Stack Overflow