Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-36880

WARNING: badMessage: 413 for HttpChannelOverHttp and WARNING: Header is too large >8192

    XMLWordPrintable

Details

    Description

      It seems that when you use the Test option to verify the credentials some errors are logged by Jenkins but you still get a success result. Based on the logs I suppose that these are really serious errors:

      Jul 22, 2016 3:57:10 PM org.eclipse.jetty.util.log.JavaUtilLog warn
      WARNING: Header is too large >8192
      Jul 22, 2016 3:57:10 PM org.eclipse.jetty.util.log.JavaUtilLog warn
      WARNING: badMessage: 413 for HttpChannelOverHttp@7b0d79d2{r=0,c=false,a=IDLE,uri=/descriptorByName/hudson.plugins.ec2.AmazonEC2Cloud/checkPrivateKey?value=-----BEGIN%20RSA%20PRIVATE%20KEY-----%0..........(censored-private-key-content)......................%3D%3D%0A-----END%20RSA%20PRIVATE%20KEY-----}
      

      Not to add that displaying a private RSA key in the logs or in the UI is a serious security issue.

      Attachments

        Issue Links

          Activity

            People

              francisu Francis Upton
              ssbarnea Sorin Sbarnea
              Votes:
              1 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: