diff --git a/core/src/main/java/hudson/console/ConsoleLogFilter.java b/core/src/main/java/hudson/console/ConsoleLogFilter.java index ec1b0c05920c..99fe50eca374 100644 --- a/core/src/main/java/hudson/console/ConsoleLogFilter.java +++ b/core/src/main/java/hudson/console/ConsoleLogFilter.java @@ -36,6 +36,8 @@ import javax.annotation.Nonnull; import java.io.IOException; import java.io.OutputStream; +import java.io.Serializable; +import jenkins.util.JenkinsJVM; /** * A hook to allow filtering of information that is written to the console log. @@ -43,6 +45,10 @@ * direct access to the underlying {@link OutputStream} so it's possible to suppress * data, which isn't possible from the other interfaces. * ({@link ArgumentListBuilder#add(String, boolean)} is a simpler way to suppress a single password.) + *

Implementations which are {@link Serializable} may be sent to an agent JVM for processing. + * In particular, this happens under JEP-210. + * In this case, the implementation should not assume that {@link JenkinsJVM#isJenkinsJVM}, + * and if generating {@link ConsoleNote}s will need to encode them on the master side first. * @author dty * @since 1.383 * @see BuildWrapper#decorateLogger diff --git a/core/src/main/java/hudson/console/ConsoleNote.java b/core/src/main/java/hudson/console/ConsoleNote.java index 1dec066e56d1..2b646cab4b50 100644 --- a/core/src/main/java/hudson/console/ConsoleNote.java +++ b/core/src/main/java/hudson/console/ConsoleNote.java @@ -110,6 +110,17 @@ * is also important, although {@link ConsoleNote}s that failed to deserialize will be simply ignored, so the * worst thing that can happen is that you just lose some notes. * + *

+ * Note that {@link #encode}, {@link #encodeTo(OutputStream)}, and {@link #encodeTo(Writer)} + * should be called on the Jenkins master. + * If called from an agent JVM, a signature will be missing and so as per + * SECURITY-382 + * the console note will be ignored. + * This may happen, in particular, if the note was generated by a {@link ConsoleLogFilter} sent to the agent. + * Alternative solutions include using a {@link ConsoleAnnotatorFactory} where practical; + * or generating the encoded form of the note on the master side and sending it to the agent, + * for example by saving that form as instance fields in a {@link ConsoleLogFilter} implementation. + * *

Behaviour, JavaScript, and CSS

*

* {@link ConsoleNote} can have associated {@code script.js} and {@code style.css} (put them
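Review bot: In the import hunk of ConsoleLogFilter.java, java.io.Serializable and jenkins.util.JenkinsJVM are referenced in this patch only from {@link} tags in the class Javadoc, so both imports exist for documentation alone. If the build's style checks object to that, drop the imports and use fully qualified names in the tags, e.g. {@link java.io.Serializable} and {@link jenkins.util.JenkinsJVM#isJenkinsJVM}.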
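Review bot: In the ConsoleLogFilter class Javadoc, the sentence "the implementation should not assume that {@link JenkinsJVM#isJenkinsJVM}" has no predicate; add "returns true" (or "is true") after the link. The clause that follows reads more clearly with commas, as "and, if generating {@link ConsoleNote}s, will need to encode them on the master side first". It would also help to say here why encoding must happen on the master, since the reason (the missing signature) is only given in the ConsoleNote Javadoc.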
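Review bot: In the ConsoleNote class Javadoc, the new paragraph documents a silent failure (a note encoded on an agent has no signature and is ignored) only at class level, so someone reading the Javadoc of encode or encodeTo directly will not see it. Consider adding a one-line caveat on those methods that points back to this paragraph. The last suggestion, "saving that form as instance fields in a {@link ConsoleLogFilter} implementation", should also state that the field holds the already encoded output produced on the master rather than the ConsoleNote object itself, so that the agent never calls encode.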