Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-34740

Many XHR requests fail under certain conditions when an underscore is present in the hostname

    XMLWordPrintable

Details

    • Bug
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • core

    Description

      When accessing via a hostname with an underscore, many (or perhaps even all; I haven't enumerated) XHR requests fail – either with a 403 unauthorized (when logged in) or with a 200 OK but blank response (if I log in as anonymous, with anonymous granted Administer privileges).

      Here are a few examples:

      • At /configureSecurity/: XHR calls to /descriptorByName/hudson.security.GlobalMatrixAuthorizationStrategy/checkName?value=%5Busername%5D return either 403 (if logged in) or 200 but blank response (if anonymous w/anonymous granted Administer)
      • At /configureSecurity/: clicking Save or Apply results in an error where an ActiveDirectorySecurityRealm failed to instantiate in org.kohsuke.stapler.Stapler.tryInvoke (Stapler.java:796)
      • At /configure: XHR call to /$stapler/bound/[a GUID]/render returns 404 Not Found
      • At /configure: all other XHR calls executed on load (/checkAdminAddress, checkDefaultSuffix, checkGitUrl, etc.) return 200 OK but have an empty response.

      This issue has been tested and found present in 1.6, 2.2, and 2.3 (I haven't tested any other versions).

      In 2.0+, this results in several major functionality blockers – e.g. the New Item page is blank.

      Attachments

        Activity

          pianoroy Roy Tinker created issue -
          pianoroy Roy Tinker made changes -
          Field Original Value New Value
          Description I just upgraded to 2.2 from 1.6, and this issue appeard. I'm running Jenkins using HTTPS (directly, not through a reverse proxy). The Jenkins URL is set correctly (scheme is https, hostname is the server's FQDN).

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} -- which may be the trigger that is causing the problem.

          Reverting to Jenkins 1.6 fixes the problem.

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          I just upgraded to 2.2 from 1.6, and this issue appeared. I'm running Jenkins using HTTPS (directly, not through a reverse proxy). The Jenkins URL is set correctly (scheme is https, hostname is the server's FQDN).

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} -- which may be the trigger that is causing the problem.

          Reverting to Jenkins 1.6 fixes the problem.

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared. I'm running Jenkins using HTTPS (directly, not through a reverse proxy). The Jenkins URL is set correctly (scheme is https, hostname is the server's FQDN).

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} -- which may be the trigger that is causing the problem.

          Reverting to Jenkins 1.6 fixes the problem.

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          I just upgraded to 2.2 from 1.6, and this issue appeared. I'm running Jenkins using HTTPS (directly, not through a reverse proxy). The Jenkins URL is set correctly (scheme is https, hostname is the server's FQDN).

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:


          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} -- which may be the trigger that is causing the problem.

          Reverting to Jenkins 1.6 fixes the problem.

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          pianoroy Roy Tinker made changes -
          Attachment screenshot275126.png [ 32672 ]
          pianoroy Roy Tinker made changes -
          Attachment screenshot275126.png [ 32675 ]
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared. I'm running Jenkins using HTTPS (directly, not through a reverse proxy). The Jenkins URL is set correctly (scheme is https, hostname is the server's FQDN).

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:


          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} -- which may be the trigger that is causing the problem.

          Reverting to Jenkins 1.6 fixes the problem.

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          I just upgraded to 2.2 from 1.6, and this issue appeared. I'm running Jenkins using HTTPS (directly, not through a reverse proxy). The Jenkins URL is set correctly (scheme is https, hostname is the server's FQDN).

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} -- which may be the trigger that is causing the problem.

          Reverting to Jenkins 1.6 fixes the problem.

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared. I'm running Jenkins using HTTPS (directly, not through a reverse proxy). The Jenkins URL is set correctly (scheme is https, hostname is the server's FQDN).

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} -- which may be the trigger that is causing the problem.

          Reverting to Jenkins 1.6 fixes the problem.

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          I just upgraded to 2.2 from 1.6, and this issue appeared. I'm running Jenkins using HTTPS (directly, not through a reverse proxy). The Jenkins URL is set correctly (scheme is https, hostname is the server's FQDN).

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Accessing Jenkins via the server's IP address (i.e. `https://1.2.3.4/view/All/newJob`)

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared. I'm running Jenkins using HTTPS (directly, not through a reverse proxy). The Jenkins URL is set correctly (scheme is https, hostname is the server's FQDN).

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Accessing Jenkins via the server's IP address (i.e. `https://1.2.3.4/view/All/newJob`)

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          I just upgraded to 2.2 from 1.6, and this issue appeared. I'm running Jenkins using HTTPS (directly, not through a reverse proxy). The Jenkins URL is set correctly (scheme is https, hostname is the server's FQDN).

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Accessing Jenkins via the server's IP address (i.e. `https://1.2.3.4/view/All/newJob`)

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          pianoroy Roy Tinker made changes -
          Summary Cannot create new items after upgrade to 2.2 when hosted via HTTPS and an underscore is present in the server's FQDN Cannot create new items after upgrade to 2.2 when underscore is present in the server's FQDN
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared. I'm running Jenkins using HTTPS (directly, not through a reverse proxy). The Jenkins URL is set correctly (scheme is https, hostname is the server's FQDN).

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Accessing Jenkins via the server's IP address (i.e. `https://1.2.3.4/view/All/newJob`)

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          I just upgraded to 2.2 from 1.6, and this issue appeared. The Jenkins URL is set correctly (scheme is https, hostname is the server's FQDN).

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          pianoroy Roy Tinker made changes -
          Summary Cannot create new items after upgrade to 2.2 when underscore is present in the server's FQDN Cannot create new items after upgrade to 2.2 when underscore is present in the hostname suborigin
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared. The Jenkins URL is set correctly (scheme is https, hostname is the server's FQDN).

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          pianoroy Roy Tinker made changes -
          Labels 2.0 https security url https security url
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          I'm aware of https://issues.jenkins-ci.org/browse/JENKINS-34648, and that doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.
          I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores. Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores. Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          Note: RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores. Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          Note: RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores. Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          Note: RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later I18n-oriented standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores. Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          Note: RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later I18n-oriented standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores. Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          Note: RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later I18n-oriented standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores, especially Windows servers in Windows domains (NetBIOS names are allowed to have underscores, thus modern Windows domain servers continue to allow them and serve them via DNS without complaint). Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          Note: RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later I18n-oriented standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores, especially Windows servers in Windows domains (NetBIOS names are allowed to have underscores, thus modern Windows domain servers continue to allow them and serve them via DNS without complaint). Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          Note: RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later I18n-oriented standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores, especially in internal Windows domains (NetBIOS names are allowed to have underscores, thus modern Windows domain servers continue to allow them and serve them via DNS without complaint). Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          Note: RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later I18n-oriented standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores, especially in internal Windows domains (NetBIOS names are allowed to have underscores, thus modern Windows domain servers continue to allow them and serve them via DNS without complaint). Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          Note: RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later I18n-oriented standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores, especially in internal Windows domains (NetBIOS names are allowed to have underscores, thus modern Windows domain controllers continue to allow them and serve them via DNS without complaint). Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          Note: RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later I18n-oriented standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores, especially in internal Windows domains (NetBIOS names are allowed to have underscores, thus modern Windows domain controllers continue to allow them and serve them via DNS without complaint). Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          Note: RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later I18n-oriented standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores, especially in internal Windows domains (NetBIOS names are allowed to have underscores). Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          pianoroy Roy Tinker made changes -
          Summary Cannot create new items after upgrade to 2.2 when underscore is present in the hostname suborigin Cannot create new items after upgrade to 2.2 when underscore is present in the hostname
          pianoroy Roy Tinker made changes -
          Summary Cannot create new items after upgrade to 2.2 when underscore is present in the hostname All XHR requests fail under certain conditions when an underscore is present in the hostname
          pianoroy Roy Tinker made changes -
          Component/s external-monitor-job-plugin [ 17123 ]
          pianoroy Roy Tinker made changes -
          Labels https security url url
          pianoroy Roy Tinker made changes -
          Description I just upgraded to 2.2 from 1.6, and this issue appeared.

          Navigating to {{https://servername_vm.example.com/view/All/newJob}} results in a blank page. No items show up.
          !screenshot275124.png|thumbnail!

          In the console, I see:
          !screenshot275125.png|thumbnail!

          Navigating to the Network tab of the devtools, the headers associated with the failed XHR are as follows:
          !screenshot275126.png|thumbnail!

          Note that I'm _not_ authenticated as anonymous (even though the X-You-Are-Authenticated-As header says so) -- see the first screenshot. Also of interest is the "Suborigin" request header. It's equal to the part of the server's name _before_ {{_vm}} (so it's not equal to the true suborigin) -- which may be the trigger that is causing the problem.

          Changes that fix the problem:
          - Reverting to Jenkins 1.6
          - Using a hostname without an underscore,

          Changes that do not fix the problem:
          - Switching to HTTP (i.e. using httpPort=80 and eliminating httpsPort=443)

          JENKINS-34648 doesn't describe the issue I'm having. I suspect my issue may be another problem caused by the same commit - that's why I named the external-monitor-job-plugin in the components list.

          Note: RFC 952 restricts hostnames to letters, hyphens, and numerals. However, later I18n-oriented standards allow encoding other characters in hostnames. In practice, there are a lot of hostnames in the wild with underscores, especially in internal Windows domains (NetBIOS names are allowed to have underscores). Further reading: http://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it
          When accessing via a hostname with an underscore, I'm seeing problems in several other places throughout Jenkins -- but the problems all disappear if I access via a hostname without an underscore (which I'm doing by adding an alternate name for the Jenkins server's IP address in my machine's hosts file). Here's a few I could compile in 10 minutes:
          * At /configureSecurity/: XHR calls to /descriptorByName/hudson.security.GlobalMatrixAuthorizationStrategy/checkName?value=%5Busername%5D return either 403 (if logged in) or 200 but blank response (if anonymous w/anonymous granted Administer)
          * At /configureSecurity/: clicking Save or Apply results in an error where an ActiveDirectorySecurityRealm failed to instantiate in org.kohsuke.stapler.Stapler.tryInvoke (Stapler.java:796)
          * At /configure: XHR call to /$stapler/bound/[a GUID]/render returns 404 Not Found
          * At /configure: all other XHR calls executed on load (/checkAdminAddress, checkDefaultSuffix, checkGitUrl, etc.) return 200 OK but have an empty response.

          This issue is present in 1.6, 2.2, and 2.3.
          pianoroy Roy Tinker made changes -
          Description When accessing via a hostname with an underscore, I'm seeing problems in several other places throughout Jenkins -- but the problems all disappear if I access via a hostname without an underscore (which I'm doing by adding an alternate name for the Jenkins server's IP address in my machine's hosts file). Here's a few I could compile in 10 minutes:
          * At /configureSecurity/: XHR calls to /descriptorByName/hudson.security.GlobalMatrixAuthorizationStrategy/checkName?value=%5Busername%5D return either 403 (if logged in) or 200 but blank response (if anonymous w/anonymous granted Administer)
          * At /configureSecurity/: clicking Save or Apply results in an error where an ActiveDirectorySecurityRealm failed to instantiate in org.kohsuke.stapler.Stapler.tryInvoke (Stapler.java:796)
          * At /configure: XHR call to /$stapler/bound/[a GUID]/render returns 404 Not Found
          * At /configure: all other XHR calls executed on load (/checkAdminAddress, checkDefaultSuffix, checkGitUrl, etc.) return 200 OK but have an empty response.

          This issue is present in 1.6, 2.2, and 2.3.
          When accessing via a hostname with an underscore, all XHR requests fail. Here are a few examples:
          * At /configureSecurity/: XHR calls to /descriptorByName/hudson.security.GlobalMatrixAuthorizationStrategy/checkName?value=%5Busername%5D return either 403 (if logged in) or 200 but blank response (if anonymous w/anonymous granted Administer)
          * At /configureSecurity/: clicking Save or Apply results in an error where an ActiveDirectorySecurityRealm failed to instantiate in org.kohsuke.stapler.Stapler.tryInvoke (Stapler.java:796)
          * At /configure: XHR call to /$stapler/bound/[a GUID]/render returns 404 Not Found
          * At /configure: all other XHR calls executed on load (/checkAdminAddress, checkDefaultSuffix, checkGitUrl, etc.) return 200 OK but have an empty response.

          This issue is present in 1.6, 2.2, and 2.3.
          pianoroy Roy Tinker made changes -
          Description When accessing via a hostname with an underscore, all XHR requests fail. Here are a few examples:
          * At /configureSecurity/: XHR calls to /descriptorByName/hudson.security.GlobalMatrixAuthorizationStrategy/checkName?value=%5Busername%5D return either 403 (if logged in) or 200 but blank response (if anonymous w/anonymous granted Administer)
          * At /configureSecurity/: clicking Save or Apply results in an error where an ActiveDirectorySecurityRealm failed to instantiate in org.kohsuke.stapler.Stapler.tryInvoke (Stapler.java:796)
          * At /configure: XHR call to /$stapler/bound/[a GUID]/render returns 404 Not Found
          * At /configure: all other XHR calls executed on load (/checkAdminAddress, checkDefaultSuffix, checkGitUrl, etc.) return 200 OK but have an empty response.

          This issue is present in 1.6, 2.2, and 2.3.
          When accessing via a hostname with an underscore, all (or many) XHR requests fail -- either with a 403 unauthorized (when logged in) or with a 200 OK but blank response (if I log in as anonymous, with anonymous granted Administer privileges).

          Here are a few examples:
          * At /configureSecurity/: XHR calls to /descriptorByName/hudson.security.GlobalMatrixAuthorizationStrategy/checkName?value=%5Busername%5D return either 403 (if logged in) or 200 but blank response (if anonymous w/anonymous granted Administer)
          * At /configureSecurity/: clicking Save or Apply results in an error where an ActiveDirectorySecurityRealm failed to instantiate in org.kohsuke.stapler.Stapler.tryInvoke (Stapler.java:796)
          * At /configure: XHR call to /$stapler/bound/[a GUID]/render returns 404 Not Found
          * At /configure: all other XHR calls executed on load (/checkAdminAddress, checkDefaultSuffix, checkGitUrl, etc.) return 200 OK but have an empty response.

          This issue is present in 1.6, 2.2, and 2.3.
          pianoroy Roy Tinker made changes -
          Summary All XHR requests fail under certain conditions when an underscore is present in the hostname Many XHR requests fail under certain conditions when an underscore is present in the hostname
          pianoroy Roy Tinker made changes -
          Description When accessing via a hostname with an underscore, all (or many) XHR requests fail -- either with a 403 unauthorized (when logged in) or with a 200 OK but blank response (if I log in as anonymous, with anonymous granted Administer privileges).

          Here are a few examples:
          * At /configureSecurity/: XHR calls to /descriptorByName/hudson.security.GlobalMatrixAuthorizationStrategy/checkName?value=%5Busername%5D return either 403 (if logged in) or 200 but blank response (if anonymous w/anonymous granted Administer)
          * At /configureSecurity/: clicking Save or Apply results in an error where an ActiveDirectorySecurityRealm failed to instantiate in org.kohsuke.stapler.Stapler.tryInvoke (Stapler.java:796)
          * At /configure: XHR call to /$stapler/bound/[a GUID]/render returns 404 Not Found
          * At /configure: all other XHR calls executed on load (/checkAdminAddress, checkDefaultSuffix, checkGitUrl, etc.) return 200 OK but have an empty response.

          This issue is present in 1.6, 2.2, and 2.3.
          When accessing via a hostname with an underscore, many (or perhaps even all; I haven't enumerated) XHR requests fail -- either with a 403 unauthorized (when logged in) or with a 200 OK but blank response (if I log in as anonymous, with anonymous granted Administer privileges).

          Here are a few examples:
          * At /configureSecurity/: XHR calls to /descriptorByName/hudson.security.GlobalMatrixAuthorizationStrategy/checkName?value=%5Busername%5D return either 403 (if logged in) or 200 but blank response (if anonymous w/anonymous granted Administer)
          * At /configureSecurity/: clicking Save or Apply results in an error where an ActiveDirectorySecurityRealm failed to instantiate in org.kohsuke.stapler.Stapler.tryInvoke (Stapler.java:796)
          * At /configure: XHR call to /$stapler/bound/[a GUID]/render returns 404 Not Found
          * At /configure: all other XHR calls executed on load (/checkAdminAddress, checkDefaultSuffix, checkGitUrl, etc.) return 200 OK but have an empty response.

          This issue is present in 1.6, 2.2, and 2.3.
          pianoroy Roy Tinker made changes -
          Attachment screenshot275124.png [ 32674 ]
          pianoroy Roy Tinker made changes -
          Description When accessing via a hostname with an underscore, many (or perhaps even all; I haven't enumerated) XHR requests fail -- either with a 403 unauthorized (when logged in) or with a 200 OK but blank response (if I log in as anonymous, with anonymous granted Administer privileges).

          Here are a few examples:
          * At /configureSecurity/: XHR calls to /descriptorByName/hudson.security.GlobalMatrixAuthorizationStrategy/checkName?value=%5Busername%5D return either 403 (if logged in) or 200 but blank response (if anonymous w/anonymous granted Administer)
          * At /configureSecurity/: clicking Save or Apply results in an error where an ActiveDirectorySecurityRealm failed to instantiate in org.kohsuke.stapler.Stapler.tryInvoke (Stapler.java:796)
          * At /configure: XHR call to /$stapler/bound/[a GUID]/render returns 404 Not Found
          * At /configure: all other XHR calls executed on load (/checkAdminAddress, checkDefaultSuffix, checkGitUrl, etc.) return 200 OK but have an empty response.

          This issue is present in 1.6, 2.2, and 2.3.
          When accessing via a hostname with an underscore, many (or perhaps even all; I haven't enumerated) XHR requests fail -- either with a 403 unauthorized (when logged in) or with a 200 OK but blank response (if I log in as anonymous, with anonymous granted Administer privileges).

          Here are a few examples:
          * At /configureSecurity/: XHR calls to /descriptorByName/hudson.security.GlobalMatrixAuthorizationStrategy/checkName?value=%5Busername%5D return either 403 (if logged in) or 200 but blank response (if anonymous w/anonymous granted Administer)
          * At /configureSecurity/: clicking Save or Apply results in an error where an ActiveDirectorySecurityRealm failed to instantiate in org.kohsuke.stapler.Stapler.tryInvoke (Stapler.java:796)
          * At /configure: XHR call to /$stapler/bound/[a GUID]/render returns 404 Not Found
          * At /configure: all other XHR calls executed on load (/checkAdminAddress, checkDefaultSuffix, checkGitUrl, etc.) return 200 OK but have an empty response.

          This issue is present in 1.6, 2.2, and 2.3.

          In 2.0+, this results in several major functionality blockers -- e.g. the New Item page is blank.
          pianoroy Roy Tinker made changes -
          Description When accessing via a hostname with an underscore, many (or perhaps even all; I haven't enumerated) XHR requests fail -- either with a 403 unauthorized (when logged in) or with a 200 OK but blank response (if I log in as anonymous, with anonymous granted Administer privileges).

          Here are a few examples:
          * At /configureSecurity/: XHR calls to /descriptorByName/hudson.security.GlobalMatrixAuthorizationStrategy/checkName?value=%5Busername%5D return either 403 (if logged in) or 200 but blank response (if anonymous w/anonymous granted Administer)
          * At /configureSecurity/: clicking Save or Apply results in an error where an ActiveDirectorySecurityRealm failed to instantiate in org.kohsuke.stapler.Stapler.tryInvoke (Stapler.java:796)
          * At /configure: XHR call to /$stapler/bound/[a GUID]/render returns 404 Not Found
          * At /configure: all other XHR calls executed on load (/checkAdminAddress, checkDefaultSuffix, checkGitUrl, etc.) return 200 OK but have an empty response.

          This issue is present in 1.6, 2.2, and 2.3.

          In 2.0+, this results in several major functionality blockers -- e.g. the New Item page is blank.
          When accessing via a hostname with an underscore, many (or perhaps even all; I haven't enumerated) XHR requests fail -- either with a 403 unauthorized (when logged in) or with a 200 OK but blank response (if I log in as anonymous, with anonymous granted Administer privileges).

          Here are a few examples:
          * At /configureSecurity/: XHR calls to /descriptorByName/hudson.security.GlobalMatrixAuthorizationStrategy/checkName?value=%5Busername%5D return either 403 (if logged in) or 200 but blank response (if anonymous w/anonymous granted Administer)
          * At /configureSecurity/: clicking Save or Apply results in an error where an ActiveDirectorySecurityRealm failed to instantiate in org.kohsuke.stapler.Stapler.tryInvoke (Stapler.java:796)
          * At /configure: XHR call to /$stapler/bound/[a GUID]/render returns 404 Not Found
          * At /configure: all other XHR calls executed on load (/checkAdminAddress, checkDefaultSuffix, checkGitUrl, etc.) return 200 OK but have an empty response.

          This issue has been tested and found present in 1.6, 2.2, and 2.3 (I haven't tested any other versions).

          In 2.0+, this results in several major functionality blockers -- e.g. the New Item page is blank.
          rtyler R. Tyler Croy made changes -
          Workflow JNJira [ 170921 ] JNJira + In-Review [ 184092 ]

          People

            Unassigned Unassigned
            pianoroy Roy Tinker
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: