jenkins 生成引用外部CSS、JS的HTML无法打开
错误信息如下:
the document’s frame is sandboxed and the ‘allow-scripts’ permission is not set
错误原因:
根据jenkins的Configuring Content Security Policy,在默认设置下包括:
- No JavaScript allowed at all
- No plugins (object/embed) allowed
- No inline CSS, or CSS from other sites allowed
- No images from other sites allowed
- No frames allowed
- No web fonts allowed
- No XHR/AJAX allowed
都是禁止的
解决方法:
jenkins->系统管理->脚本命令行,执行命令:
System.setProperty("hudson.model.DirectoryBrowserSupport.CSP","sandbox allow-scripts; default-src 'none';script-src 'unsafe-inline' http://code.jquery.com/jquery-2.1.0.min.js; img-src dohko.hpeswlab.net 'self' data: ; style-src 'unsafe-inline' 'self';");
或者
System.setProperty("hudson.model.DirectoryBrowserSupport.CSP", "")
重新运行下job生成html,就会正常显示。