Major If the "Prevent cross site forgery request exploit" option is selected in the "Configure global" security page and a change is made and saved on the global settings page - the cross site forgery prevention option is deactivated.
This is causing issues with post-commit hooks that pass the API token as well as the crumb in the HTTP header when making RESTful calls to Jenkins.
- duplicates
-
JENKINS-17087 Saving Jenkins Global Config wipes out the crumb issuer settings in the Global Security Config
-
- Resolved
-