[JENKINS-30384] Add CrumbExclusion for mercurial hooks

Type: Bug
Resolution: Cannot Reproduce
Priority: Minor
Component/s: bitbucket-plugin
Labels:
- crumb
- mercurial
- webhook
Environment:
mercurial-plugin 1.54, "Prevent Cross Site Request Forgery exploits" enabled

Similar Issues:
Powered by SuggestiMate

Show

The the "Webhooks" functionality of Bitbucket only allows to generate POST requests. I would like to use it to trigger builds on Jenkins, but I get the following message in jenkins.log:

Sep 10, 2015 12:43:44 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /bitbucket-hook. Returning 403.

links to

mercurial-plugin PR 71

Aldo Brucale created issue - 2015-09-10 12:24

Aldo Brucale made changes - 2015-09-10 12:34

Description

New: The the "Webhooks" functionality of Bitbucket only allows to generate POST requests. I would like to use it to trigger builds on Jenkins, but I get the following message in jenkins.log:

Sep 10, 2015 12:43:44 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /bitbucket-hook. Returning 403.

Jesse Glick added a comment - 2015-09-10 16:37

While the /mercurial endpoint may well need a crumb exclusion (never been reported AFAIK), this hook is in another plugin.

Jesse Glick added a comment - 2015-09-10 16:37 While the /mercurial endpoint may well need a crumb exclusion (never been reported AFAIK), this hook is in another plugin.

Jesse Glick made changes - 2015-09-10 16:37

Component/s		New: bitbucket-plugin [ 18755 ]
Component/s	Original: mercurial-plugin [ 15502 ]
Labels		New: crumb mercurial webhook

Jesse Glick made changes - 2015-09-10 16:37

Assignee

Original: Jesse Glick [ jglick ]

Jesse Glick made changes - 2015-09-10 17:26

Remote Link

New: This issue links to "mercurial-plugin PR 71 (Web Link)" [ 13147 ]

R. Tyler Croy made changes - 2016-07-25 23:51

Workflow

Original: JNJira [ 165490 ]

New: JNJira + In-Review [ 181997 ]

Tzach Solomon added a comment - 2020-08-08 19:12

jglick I think there is a mistake and the component bitbucket-plugin by mistake. Am I right or am I missing something?

Tzach Solomon added a comment - 2020-08-08 19:12 jglick I think there is a mistake and the component bitbucket-plugin by mistake. Am I right or am I missing something?

Jesse Glick added a comment - 2020-08-19 21:02

I have no idea what this is, I was just moving it out of the wrong component.

Jesse Glick added a comment - 2020-08-19 21:02 I have no idea what this is, I was just moving it out of the wrong component.

Tzach Solomon added a comment - 2020-08-21 11:36

jglick I think that bitbucket-plugin is also the wrong the component.

Tzach Solomon added a comment - 2020-08-21 11:36 jglick I think that bitbucket-plugin is also the wrong the component.

Assignee:: Tzach Solomon

Reporter:: Aldo Brucale

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2015-09-10 12:24

Updated:: 2021-06-10 21:09

Resolved:: 2021-06-10 21:09

Jenkins

Details

Description

Attachments

Issue Links

Activity

Collapse comment: Jesse Glick added a comment - 2015-09-10 16:37

Expand comment: Jesse Glick added a comment - 2015-09-10 16:37

Collapse comment: Tzach Solomon added a comment - 2020-08-08 19:12

Expand comment: Tzach Solomon added a comment - 2020-08-08 19:12

Collapse comment: Jesse Glick added a comment - 2020-08-19 21:02

Expand comment: Jesse Glick added a comment - 2020-08-19 21:02

Collapse comment: Tzach Solomon added a comment - 2020-08-21 11:36

Expand comment: Tzach Solomon added a comment - 2020-08-21 11:36

People

Dates