File Input Type

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

File Input Type

Paul Dimitriu
Good evening,

I am creating a class that extends ToolInstaller (say "widget tester"). I want a way to upload the tool I'm testing ("widget") directly by using a <input type="file" ..> rather than using "Download URL for binary archive"? We're doing this stuff in a disconnected environment.

Is there a way I can do this using Jelly? I'm building my installer class using "ToolInstaller"

Thanks!


--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/35b1d6f6-7de5-473a-b6a1-d0590f6df048n%40googlegroups.com.
Reply | Threaded
Open this post in threaded view
|

Re: File Input Type

Jesse Glick-4
On Fri, Sep 25, 2020 at 2:06 AM Paul <[hidden email]> wrote:
> Is there a way I can do this using Jelly?

Yes, though file uploads are tricky.
https://github.com/jenkinsci/plain-credentials-plugin/blob/83be2ca41c6c5e6f96eb6c9a47ebdd394b2a6dbc/src/main/java/org/jenkinsci/plugins/plaincredentials/impl/FileCredentialsImpl.java#L138-L164
+ https://github.com/jenkinsci/plain-credentials-plugin/blob/83be2ca41c6c5e6f96eb6c9a47ebdd394b2a6dbc/src/main/resources/org/jenkinsci/plugins/plaincredentials/impl/FileCredentialsImpl/credentials.jelly#L27-L47
may be helpful for hints.

Beware that there are a number of sorts of security vulnerabilities
you could introduce if you do not write this code very defensively. If
the tool is uploaded to the controller (Jenkins server), how does it
get to the agent where the build runs? Have you considered malicious
filenames? Etc.

--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CANfRfr0NjXHMnmdBXUukB%2B7do2Y3N9f0OsQEuTC1OjxCfEcKwA%40mail.gmail.com.