Loading...

Type: Bug
Resolution: Fixed
Priority: Minor
Component/s: core
Labels:
- issue-exported-to-github

I noticed that I had thousands of WARNING messages in my master logs this morning because some users are leaving Jenkins home pages open past the user's session expiry.

I understand that part of the problem here is the busy-wait looping on /ajaxBuildQueue, but finding an entire log file filled with this garbage seems like a bug

WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:05:46 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxBuildQueue. Returning 403.
Dec 09, 2016 4:05:46 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:05:46 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxExecutors. Returning 403.
Dec 09, 2016 4:05:51 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:05:51 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxBuildQueue. Returning 403.
Dec 09, 2016 4:05:51 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:05:51 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxExecutors. Returning 403.
Dec 09, 2016 4:05:56 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:05:56 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxBuildQueue. Returning 403.
Dec 09, 2016 4:05:56 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:05:56 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxExecutors. Returning 403.
Dec 09, 2016 4:06:01 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:01 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxBuildQueue. Returning 403.
Dec 09, 2016 4:06:01 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:01 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxExecutors. Returning 403.
Dec 09, 2016 4:06:06 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:06 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxBuildQueue. Returning 403.
Dec 09, 2016 4:06:06 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:06 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxExecutors. Returning 403.
Dec 09, 2016 4:06:11 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:11 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxBuildQueue. Returning 403.
Dec 09, 2016 4:06:11 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:11 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxExecutors. Returning 403.
Dec 09, 2016 4:06:16 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:16 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxBuildQueue. Returning 403.
Dec 09, 2016 4:06:16 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:16 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxExecutors. Returning 403.
Dec 09, 2016 4:06:21 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:21 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxBuildQueue. Returning 403.
Dec 09, 2016 4:06:21 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:21 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxExecutors. Returning 403.
Dec 09, 2016 4:06:26 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:26 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxBuildQueue. Returning 403.
Dec 09, 2016 4:06:26 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:26 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxExecutors. Returning 403.
Dec 09, 2016 4:06:31 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:31 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxBuildQueue. Returning 403.
Dec 09, 2016 4:06:31 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: Found invalid crumb 2c7b06359e83df2535c0520c1ae79753.  Will check remaining parameters for a valid one...
Dec 09, 2016 4:06:31 PM hudson.security.csrf.CrumbFilter doFilter
WARNING: No valid crumb was included in request for /ajaxExecutors. Returning 403.

is duplicated by

JENKINS-40380 AJAX callbacks generate 403s for expired sessions which can trigger an IPS

Resolved

is related to

JENKINS-40817 Clicking on (?) help icons after session has expired should provided a useful error message

Open

relates to

JENKINS-49745 Too many CrumbFilter log entries per second

Closed

links to

CloudBees Internal OSS-1788

PR 3049

Details

Description

Attachments

Issue Links

Activity

People

Dates