[all] Dynamic Zuul results table in Gerrit 3

Thu Dec 3 13:38:48 UTC 2020

On Thu, Dec 03, 2020 at 10:22 Radosław Piliszek wrote:
> Hello Fellow OpenStack and OpenDev Folks!
>
> TL;DR click on [3] and enjoy.
>

Hello

It seems like this script is injecting build details directly using
the innerHTML attribute without filtering html entities,
please see the `Security considerations` section of

  https://developer.mozilla.org/en-US/docs/Web/API/Element/innerHTML

-Tristan

> I am starting this thread to not hijack the discussion happening on [1].
>
> First of all, I would like to thank gibi (Balazs Gibizer) for hacking
> a way to get the place to render the table in the first place (pun
> intended).
>
> I have been a long-time-now user of [2].
> I have improved and customised it for myself but never really got to
> share back the changes I made.
> The new Gerrit obviously broke the whole script so it was of no use to
> share at that particular state.
> However, inspired by gibi's work, I decided to finally sit down and
> fix it to work with Gerrit 3 and here it comes: [3].
> Works well on Chrome with Tampermonkey. Not tested others.
>
> I hope you will enjoy this little helper (I do).
>
> I know the script looks super fugly but it generally boils down to a
> mix of styles of 3 people and Gerrit having funky UI rendering.
>
> Finally, I'd also like to thank hrw (Marcin Juszkiewicz) for linking
> me to the original Michel's script in 2019.
>
> [1] http://lists.openstack.org/pipermail/openstack-discuss/2020-November/019051.html
> [2] https://opendev.org/x/coats/src/commit/444c95738677593dcfed0cfd9667d4c4f0d596a3/coats/openstack_gerrit_zuul_status.user.js
> [3] https://gist.github.com/yoctozepto/7ea1271c299d143388b7c1b1802ee75e
>
> Kind regards,
> -yoctozepto
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 515 bytes
Desc: not available
URL: <http://lists.opendev.org/pipermail/service-discuss/attachments/20201203/6ff07d94/attachment.sig>