Package jenkins.security.csp.impl

Class ReportingAction

java.lang.Object
hudson.model.InvisibleAction
jenkins.security.csp.impl.ReportingAction
All Implemented Interfaces:
ExtensionPoint, Action, ModelObject, RootAction, UnprotectedRootAction
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) @Extension public class ReportingAction extends InvisibleAction implements UnprotectedRootAction
This action receives reports of Content-Security-Policy violations. It needs to be an UnprotectedRootAction because these requests do not have cookies. If we wanted to restrict submissions by unprivileged users, we'd not generate the Content-Security-Policy header for them, or removed the report-uri / report-to directives.

  • Field Details

  • Constructor Details

    • ReportingAction

      public ReportingAction()

  • Method Details

    • getUrlName

      public String getUrlName()
      Description copied from interface: Action
      Gets the URL path name.

      For example, if this method returns "xyz", and if the parent object (that this action is associated with) is bound to /foo/bar/zot, then this action object will be exposed to /foo/bar/zot/xyz.

      This method should return a string that's unique among other Actions.

      The returned string can be an absolute URL, like "http://www.sun.com/", which is useful for directly connecting to external systems.

      If the returned string starts with '/', like '/foo', then it's assumed to be relative to the context path of the Jenkins webapp.

      Specified by:
      getUrlName in interface Action
      Overrides:
      getUrlName in class InvisibleAction
      Returns:
      null if this action object doesn't need to be bound to web (when you do that, be sure to also return null from Action.getIconFileName().
      See Also:

    • doDynamic

      @POST public org.kohsuke.stapler.HttpResponse doDynamic(org.kohsuke.stapler.StaplerRequest2 req)