Start Building for Free
CircleCI.comAcademyBlogCommunitySupport

CircleCI Server v3.x build artifacts

1+ year ago1 min read
Server v3.x
Server Admin
On This Page
  • Safe and unsafe content types
  • Allow unsafe types

Build artifacts persist data after a job is completed. They can be used for longer-term storage of your build process outputs. For example, when a Java build/test process finishes, the output of the process is saved as a .jar file. CircleCI can store this file as an artifact, keeping it available long after the process has finished.

Safe and unsafe content types

By default, only predefined artifact types are allowed to be rendered. This protects users from uploading, and potentially executing, malicious content. The 'allowed-list' is as follows:

CategorySafe Type

Text

Plain

Application

json

Image

png

Image

jpg

Image

gif

Image

bmp

Video

webm

Video

ogg

Video

mp4

Audio

webm

Audio

aac

Audio

mp4

Audio

mpeg

Audio

ogg

Audio

wav

Also, by default, the following types will be rendered as plain text:

CategoryUnsafe Type

Text

html

Text

css

Text

javascript

Text

ecmascript

Application

javascript

Application

ecmascript

Text

xml

Allow unsafe types

You can choose to allow unsafe types to be rendered, if required, by checking the Server Unsafe Artifacts checkbox within the Frontend Settings in the KOTS Admin Console.

Screenshot highlighting the option to server unsafe build artifacts
Figure 1. CircleCI Server v3.x Artifacts

Help make this document better

This guide, as well as the rest of our docs, are open source and available on GitHub. We welcome your contributions.

Need support?

Our support engineers are available to help with service issues, billing, or account related questions, and can help troubleshoot build configurations. Contact our support engineers by opening a ticket.

You can also visit our support site to find support articles, community forums, and training resources.