TIPS & TRICKS

Make Your App More Secure By Updating to jQuery® Version 3.5 or Newer

Splunk will be deprecating use of older versions of jQuery and migrating to use of v 3.5.0 or newer soon. Here is what you need to know to start preparing for this upcoming migration. 

Certain Splunk apps have historically required jQuery libraries to function. jQuery is a JavaScript® library that makes it easier to write JavaScript compatible with many web browsers.

Many of those apps are written using jQuery 2.x and older, bundled with Splunk Enterprise and Splunk Cloud. We’re moving to support only jQuery 3.5+ as jQuery 1 and jQuery 2 will be end-of-life soon.

Reasons to Migrate to jQuery 3.5 or Newer

Upgrading to the latest version of jQuery makes your app more secure by fixing all XSS (cross site scripting attacks) related vulnerabilities as well as vulnerabilities created by native object prototypes. 

The upgraded version would potentially also improve app performance because of faster script execution time and loading time. Read more on jQuery's blog, here.

We're aware of how important this is to you and are going to do the right thing.

As we plan and engineer this change, Splunk is committed to:

  • Maintaining the stability and security of Splunk software installations and the Splunk platform
  • Providing sufficient, but not unlimited, time for our customers and developer community to transition
  • Producing guidance and recommended practices for making the change in your environment
     

What You Need To Do Next 

  • Assess your jQuery dependencies in the packaged libraries and if any file uses jQuery libraries from the internal Splunk library. Best practice going forward is to package all of your app’s dependencies in the app itself
  • Evaluate how this change will impact your business
  • Organize to migrate to jQuery to v3.5 or newer 
  • Watch this space for next steps on how to execute the migration
  • Contact us by email at jquery3.5-upgrade@splunk.com or at community.splunk.com with your questions or if you’re interested in providing feedback
     
Vidhi Agrawal
Posted by

Vidhi Agrawal

Vidhi is a Principal Product Manager in the End User Experience team. A recent pivot in her career landed her in product management, she is passionate about delivering smart and thoughtful solutions to hard to solve customer problems. She loves all things related to data and analytics. Vidhi also has extensive experience on formulating successful pricing and packaging strategies specifically in the Enterprise SaaS space.

TAGS

Make Your App More Secure By Updating to jQuery® Version 3.5 or Newer

Show All Tags
Show Less Tags

Join the Discussion