-
Bug
-
Resolution: Fixed
-
Major
-
None
-
Platform: All, OS: All
Hudson: 1.310-SNAPSHOT (svn trunk)
I checked "Prevent Cross Site Request Forgery exploits", then ajax request like
ajaxBuildQueue returned "HTTP/1.1 430 Forbidden".
I use Hudson installation behind some proxies.
In hudson.security.csrf.DefaultCrumbIssuer L58, "Request#getRemoteAddr()" is
used to update MessageDigest. but it will return diffrent IP behind proxies each
request.
- is related to
-
JENKINS-7518 CLONE -Crumb breaks ajax request behind proxies. -- Still broken behind nginx proxies
-
- Resolved
-
[JENKINS-3854] Crumb breaks ajax request behind proxies.
Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
Resolution | New: Fixed [ 1 ] | |
Status | Original: In Progress [ 3 ] | New: Resolved [ 5 ] |
Status | Original: Resolved [ 5 ] | New: Closed [ 6 ] |
Link |
New:
This issue is related to |
Workflow | Original: JNJira [ 133927 ] | New: JNJira + In-Review [ 202495 ] |