Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-32819

Pipeline compilation error detection broken when using CSRF detection

XMLWordPrintable

      Due to use of what seems to be an atypical AJAX call, when you are running Jenkins with CSRF defense enabled (i.e., typical secured installation), the syntax error display from JENKINS-32067 does not work: the server rejects the POST request for lacking a crumb.

      Typical use of Ajax from prototype works because of this.

          [JENKINS-32819] Pipeline compilation error detection broken when using CSRF detection

          Jesse Glick added a comment -

          The console shows

          … hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /jenkins/job/…/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile. Returning 403.

          Jesse Glick added a comment - The console shows … hudson.security.csrf.CrumbFilter doFilter WARNING: No valid crumb was included in request for /jenkins/job/…/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile. Returning 403.

          Antonio Muñiz added a comment -

          Wondering what would be better: to add required headers or use the Ajax object from the forked prototype.

          Antonio Muñiz added a comment - Wondering what would be better: to add required headers or use the Ajax object from the forked prototype.

          SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Antonio Muñiz
          Path:
          cps/src/main/js/workflow-editor.js
          http://jenkins-ci.org/commit/workflow-plugin/a5fdddee3fb14028612df3032414f9d5a1f6dcea
          Log:
          JENKINS-32819 Fix script compilation check when CSRF is enabled

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Antonio Muñiz Path: cps/src/main/js/workflow-editor.js http://jenkins-ci.org/commit/workflow-plugin/a5fdddee3fb14028612df3032414f9d5a1f6dcea Log: JENKINS-32819 Fix script compilation check when CSRF is enabled

          SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Jesse Glick
          Path:
          CHANGES.md
          cps/src/main/js/workflow-editor.js
          http://jenkins-ci.org/commit/workflow-plugin/8a56225d34f61f9400b621977f99dea2ffd49b0f
          Log:
          [FIXED JENKINS-32819] Merging #339.

          Compare: https://github.com/jenkinsci/workflow-plugin/compare/5bede7cff5c3...8a56225d34f6

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: CHANGES.md cps/src/main/js/workflow-editor.js http://jenkins-ci.org/commit/workflow-plugin/8a56225d34f61f9400b621977f99dea2ffd49b0f Log: [FIXED JENKINS-32819] Merging #339. Compare: https://github.com/jenkinsci/workflow-plugin/compare/5bede7cff5c3...8a56225d34f6

          SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Antonio Muñiz
          Path:
          cps/src/main/js/workflow-editor.js
          http://jenkins-ci.org/commit/workflow-cps-plugin/90f3cd32abeabce44961bcc4c0e33fbb85be67f3
          Log:
          JENKINS-32819 Fix script compilation check when CSRF is enabled

          Originally-Committed-As: a5fdddee3fb14028612df3032414f9d5a1f6dcea

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Antonio Muñiz Path: cps/src/main/js/workflow-editor.js http://jenkins-ci.org/commit/workflow-cps-plugin/90f3cd32abeabce44961bcc4c0e33fbb85be67f3 Log: JENKINS-32819 Fix script compilation check when CSRF is enabled Originally-Committed-As: a5fdddee3fb14028612df3032414f9d5a1f6dcea

            amuniz Antonio Muñiz
            jglick Jesse Glick
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: