Enhancement
-
Ignore casing in
AvatarContributor#extractDomainFromUrl.
pull 23865
-
Add
XJenkinsValidateButtonCallback (a JSON object with callback and arguments keys) as a replacement for the CSP incompatible script HTTP response header for f:validateButton.
pull 20345
Bug fix
-
Show saved log recorders again (regression in 2.537).
pull 23858
-
Fix incorrect handling of Content Security Policy inheritance chain for fetch directives. This could affect attempts to set
*srcelemor *srcattr directives in CSP Plugin 2.x.
pull 23855
-
Make "Change API Token" for legacy API tokens work when Content Security Policy is enforced and prohibits inline JavaScript.
pull 20345