feature request: Fully stand-alone reports #1465

Open
mac-chaffee opened this issue Jun 1, 2022 · 2 comments

@mac-chaffee

In the original issue for creating reports (#4), it mentions that one of the intended use-cases is to have the report visible in Jenkins.

That issue was filed in 2015, but later that year, Jenkins started shipping with a restrictive Content Security Policy, which means Artillery reports can't execute JS/CSS by default: https://www.jenkins.io/security/advisory/2015-12-09/

It's a bad practice to loosen that content security policy because it can be used for XSS attacks. As a result, I think it might be nice for Artillery to be able to generate fully stand-alone reports that Jenkins can serve while still respecting the content security policy.

One option would be to generate PDFs or PNGs.

Another option could be to add a flag to `artillery report` that would embed the graphs as images using `toBase64Image`. The HTML file might look a little weird with the missing CSS/JS, but at least the charts would be visible.

@mac-chaffee
Author

Looks like you would still have to edit the content security policy to get base64 images to appear, but doing that at least still protects you from XSS in theory.
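
The point in the comment above (base64 images need a policy edit, while scripts stay blocked) as an added example that is not part of the issue or of Artillery's code. The `JENKINS_DEFAULT` string is an assumption (the default documented by Jenkins, not quoted in this thread); the resource list and function names are constructed for illustration.

```javascript
// Assumption: the default Jenkins documents for user-generated content
// (system property hudson.model.DirectoryBrowserSupport.CSP).
const JENKINS_DEFAULT = "sandbox; default-src 'none'; img-src 'self'; style-src 'self';";
// Same policy with only data: images added.
const WITH_DATA_IMAGES = "sandbox; default-src 'none'; img-src 'self' data:; style-src 'self';";

// Constructed sample: the resource kinds a self-contained chart report relies on.
const REPORT_RESOURCES = [
  { name: 'inline <script>', directive: 'script-src', kind: 'inline' },
  { name: 'inline <style>', directive: 'style-src', kind: 'inline' },
  { name: '<img src="data:image/png;base64,...">', directive: 'img-src', kind: 'data' },
];

function parseCsp(policy) {
  const directives = new Map();
  for (const part of policy.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/).filter(Boolean);
    // A repeated directive is ignored by browsers; the first one wins.
    if (name && !directives.has(name.toLowerCase())) {
      directives.set(name.toLowerCase(), sources);
    }
  }
  return directives;
}

// Simplified matching: nonces, hashes and host allowlists are not modelled.
function isAllowed(directives, resource) {
  if (resource.directive === 'script-src') {
    // A sandbox directive without allow-scripts disables all script execution.
    const sandbox = directives.get('sandbox');
    if (sandbox && !sandbox.includes('allow-scripts')) return false;
  }
  // Fetch directives fall back to default-src when absent.
  const sources = directives.get(resource.directive) ?? directives.get('default-src');
  if (sources === undefined) return true; // nothing governs this resource type
  if (sources.includes("'none'")) return false;
  if (resource.kind === 'inline') return sources.includes("'unsafe-inline'");
  if (resource.kind === 'data') return sources.includes('data:'); // '*' does not cover data:
  return sources.includes("'self'") || sources.includes('*');
}

// Names of the report's resources that the given policy would block.
function blockedUnder(policy) {
  const directives = parseCsp(policy);
  return REPORT_RESOURCES.filter((r) => !isAllowed(directives, r)).map((r) => r.name);
}

console.log('default policy blocks:', blockedUnder(JENKINS_DEFAULT));
console.log('with data: images, still blocked:', blockedUnder(WITH_DATA_IMAGES));
```
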

@hassy
Member

hassy commented Jun 9, 2022

That's interesting @mac-chaffee. The original use case was indeed to embed reports into Jenkins, but today most of our users upload reports to S3/another hosting service, and share those URLs instead.

Using `toBase64Image` is an interesting idea, but we'd need to consider how we'd render that at report generation time (rather than in the browser, where that method is meant to be used, I think).
