Due to some maintenance issues, this service has been switched in read-only mode, you can find more information about the why

and how to migrate your plugin documentation in this blogpost

Skip to end of metadata
Go to start of metadata

Plugin Information

View anything-goes-formatter on the plugin site for more information.

This plugin allows you to use JavaScript inside your project description.


When JavaScript is added inside the description, it effectively has access to the user's session of the Jenkins, which can be then used to do operations on behalf of the user. There's an inherent security risk in this. Use with caution, only when you can trust all the users of your installation.

It's not sufficient to be able to trust users who are able to configure Jenkins itself, views, or projects, or update builds. Any logged in user can edit their own description (/user/username/configure) and could add unsafe JavaScript to their user profile.


Version 1.0 (Mar 14 2012)

  • Initial version

1 Comment

  1. Unknown User (akostadinov)

    if this could be used only for admin selected fields, then that would have been a killer feature