Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-15252

Why is "Prevent Cross Site Request Forgery exploits" disabled by default?

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • core

      1. It's not clear why "Prevent Cross Site Request Forgery exploits" is disabled by default.
      2. The help needs to explain the downside of enabling this feature, if any.

          [JENKINS-15252] Why is "Prevent Cross Site Request Forgery exploits" disabled by default?

          cowwoc created issue -
          Jenkins IRC Bot made changes -
          Component/s New: core [ 15593 ]
          Component/s Original: gui [ 15492 ]
          Daniel Beck made changes -
          Assignee New: Daniel Beck [ danielbeck ]
          Daniel Beck made changes -
          Labels New: documentation
          Priority Original: Major [ 3 ] New: Minor [ 4 ]
          Daniel Beck made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]
          Daniel Beck made changes -
          Remote Link New: This issue links to "PR 1438 (Web Link)" [ 11808 ]
          SCM/JIRA link daemon made changes -
          Resolution New: Fixed [ 1 ]
          Status Original: In Progress [ 3 ] New: Resolved [ 5 ]
          R. Tyler Croy made changes -
          Workflow Original: JNJira [ 145974 ] New: JNJira + In-Review [ 191721 ]

            danielbeck Daniel Beck
            cowwoc cowwoc
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: