Skip to content

fix(jcasc): use correct CspConfiguration attributes for CSP#2186

Merged
gounthar merged 1 commit into
jenkins-docs:mainfrom
gounthar:fix/csp-jcasc-schema
Apr 21, 2026
Merged

fix(jcasc): use correct CspConfiguration attributes for CSP#2186
gounthar merged 1 commit into
jenkins-docs:mainfrom
gounthar:fix/csp-jcasc-schema

Conversation

@gounthar
Copy link
Copy Markdown
Collaborator

@gounthar gounthar commented Apr 21, 2026

Problem

Jenkins crashes at startup with:

io.jenkins.plugins.casc.UnknownAttributesException: contentSecurityPolicy:
Invalid configuration elements for type: class jenkins.security.csp.impl.CspConfiguration : header.
Available attributes : advanced, enforce

The CSP block added in #2184 used header: which is not a valid attribute for jenkins.security.csp.impl.CspConfiguration.

Fix

Replace the invalid header attribute with enforce: true, which enables CSP using Jenkins' built-in default policy and correctly silences the administrative monitor warning.

@gounthar
fix(jcasc): use correct CspConfiguration attributes for CSP
67c6e62 
CspConfiguration only accepts 'enforce' and 'advanced' — not 'header'.
The 'header' attribute caused a fatal UnknownAttributesException at
startup. Replace with enforce: true to enable CSP with Jenkins'
default built-in policy.

Signed-off-by: Bruno Verachten <gounthar@gmail.com>
@github-actions github-actions Bot added the repo label Apr 21, 2026
@gounthar gounthar mentioned this pull request Apr 21, 2026
Merged
2 tasks
@gounthar gounthar merged commit 97d6f87 into jenkins-docs:main Apr 21, 2026
7 checks passed
@gounthar gounthar deleted the fix/csp-jcasc-schema branch April 21, 2026 16:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

repo

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@gounthar