forked from jenkinsci/jenkins
-
Notifications
You must be signed in to change notification settings - Fork 3
/
help-markupFormatter.html
37 lines (37 loc) · 1.04 KB
/
help-markupFormatter.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<div>
<p>
Jenkins shows user-provided descriptions on objects like jobs, views, or
builds. The markup formatter controls how those descriptions are rendered.
</p>
<p>
“Plain text” is the default formatter and renders the provided
description largely as entered.
</p>
<p>
Plugins may contribute additional markup formatters that support HTML or
other markup languages.
</p>
<p>
<strong>Note:</strong>
Some descriptions can be provided from possibly unexpected sources. Some
examples:
</p>
<ul>
<li>any user with an account in Jenkins can set their own description</li>
<li>
Pipelines, as well as build steps for other job types, may be configured
to set the current build's description
</li>
</ul>
<p>
Using a markup formatter that renders user input verbatim as HTML may allow
<a
href="https://en.wikipedia.org/wiki/Cross-site_scripting"
target="_blank"
rel="noopener noreferrer"
>
cross-site scripting
</a>
attacks.
</p>
</div>