GHSA-PX4X-HJM5-W8X3 Content-Security-Policy protection for user content disabled by Jenkins XFramium Builder Plugin
Jenkins sets the Content-Security-Policy header to static files served by Jenkins specifically DirectoryBrowserSupport, such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified. XFramium Builder Plugin 1.0.22 and earlier globally disables the...