Skip to content

[JENKINS-76263] Add Content-Security-Policy header #16837

New issue
New issue
Closed
Closed
[JENKINS-76263] Add Content-Security-Policy header#16837
Labels
component:coreenhancementimported-jira-issuepriority:majorresolution:unresolved
@jenkins-infra-bot

Description

@jenkins-infra-bot
jenkins-infra-bot
opened on Nov 4, 2025

This issue tracks the addition of the Content-Security-Policy header to Jenkins core, so that https://plugins.jenkins.io/csp/ no longer needs to be installed.

The core implementation also needs to be extensible, so that plugins can add, e.g., img-src values.

Originally reported by danielbeck, imported from: Add Content-Security-Policy header
  • assignee: danielbeck
  • status: In Progress
  • priority: Major
  • component(s): core
  • resolution: Unresolved
  • votes: 0
  • watchers: 1
  • imported: 2025-11-24
Raw content of original issue 
This issue tracks the addition of the Content-Security-Policy header to Jenkins core, so that https://plugins.jenkins.io/csp/ no longer needs to be installed.



The core implementation also needs to be extensible, so that plugins can add, e.g., img-src values.

Metadata

Metadata

Assignees

No one assigned

    Labels

    component:coreenhancementimported-jira-issuepriority:majorresolution:unresolved

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions