-
Bug
-
Resolution: Fixed
-
Major
Webhook endpoint /bitbucket-scmsource-hook/notify should be excluded from CSRF protection.
Response with CSRF protection enabled:
<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Error 403 No valid crumb was included in the request</title> </head> <body><h2>HTTP ERROR 403</h2> <p>Problem accessing /bitbucket-scmsource-hook/notify. Reason: <pre> No valid crumb was included in the request</pre></p><hr><i><small>Powered by Jetty://</small></i><hr/> </body> </html>
Fixed in Bitbucket plugin: JENKINS-26234
- is duplicated by
-
JENKINS-36399 Add Crumb Exclusion
- Closed