Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-25637

Add CrumbExclusion for buildByToken URL

    XMLWordPrintable

Details

    Description

      Just like similar plugins, (e.g. GitHub and GitLab), the Build Token Root Plugin does not play nice whith CSRF protection enabled.
      The root cause seems to be JENKINS-22474 (documented by Jesse Glick), but until that is fixed, the Build Token Root Plugin should probably add a CrumbExclusion for the URL it is listening on.
      See JENKINS-20140 for a similar issue in the GitHub Plugin, that has been resolved.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-22474 Crumb must be sent with POST requests even when using authentication token

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              jglick Jesse Glick
              kflorian kflorian
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: