Sentinel Upgrade sentinel-dashboard's jQuery version

vwoqyblh 于 2022-10-19 发布在 jQuery

关注(0)|答案(3)|浏览(196)

Issue Description

Type: bug report

Describe what happened

Our application is using Sentinel and is currently undergoing penetration testing. The test scans out the vulnerability of the jQuery version is too low. Users are at risk of being targeted with XSS attacks.

Describe what you expected to happen

Hope the community can upgrade the version of jQuery to 3.5.0 or later. Or you can tell us how to replace and upgrade the version ourselves.

How to reproduce it

https://github.com/alibaba/Sentinel/blob/1.8.4/sentinel-dashboard/src/main/webapp/resources/lib/js/jquery.min.js

Tell us your environment

Operating env: K8S
Sentinel version: 1.8.1.1

Anything else we need to know?

Null

sentinel

来源：https://github.com/alibaba/Sentinel/issues/2684

3条答案

按热度按时间

jaxagkaj1#

Can I get some responses? thank you

赞(0）回复(0）举报 2022-10-19

fae0ux8s2#

Contributions are welcomed.

赞(0）回复(0）举报 2022-10-19

qnyhuwrf3#

BTW, note how I updated on K8S:

Upgrade jQuery version as PR
mvn clean package
Create Dockerfile:

FROM adoptopenjdk/openjdk11:latest
MAINTAINER Zander

ENV LANG=C.UTF-8
ENV JAVA_OPTS=""

COPY sentinel-dashboard.jar sentinel-dashboard.jar
CMD java ${JAVA_OPTS} -jar sentinel-dashboard.jar

build -t imageName:version

赞(0）回复(0）举报 2022-10-19

我来回答

Sentinel Upgrade sentinel-dashboard's jQuery version

Issue Description

Describe what happened

Describe what you expected to happen

How to reproduce it

Tell us your environment

Anything else we need to know?

3条答案

相关问题

热门标签

最新问答