Jenkins / JENKINS-48363

CSRF protection prevents clone from Jenkins userContent.git


      Command line git is unable to clone with http from the userContent.git repository provided by the Jenkins git-usercontent-plugin if CSRF protection is enabled.

      Steps to repeat the problem:

      1. Clone, build, and run the docker instance
         $ git lfs clone https://github.com/MarkEWaite/docker-lfs JENKINS-48363
         $ cd JENKINS-48363
         $ git lfs fetch origin JENKINS-48363
         $ git checkout -b lts-with-plugins-add-csrf JENKINS-48363
         $ docker build -t jenkins:JENKINS-48363 .
         $ docker run -i --rm --publish 8080:8080 jenkins:JENKINS-48363
        
      2. From a command window, attempt to clone the userContent.git repository (will fail)
          $ git clone http://localhost:8080/userContent.git
        
      3. Disable CSRF protection by clearing the checkbox at "Jenkins" - "Configure Global Security" - "Prevent Cross Site Request Forgery exploits", and save that change with the "Save" button
      4. From a command window, attempt to clone the userContent.git repository (will work)
          $ git clone http://localhost:8080/userContent.git
        

      When the clone fails, it reports:

      $ git clone http://localhost:8080/userContent.git
      Cloning into 'userContent'...
      error: RPC failed; HTTP 403 curl 22 The requested URL returned error: 403 No valid crumb was included in the request
      fatal: The remote end hung up unexpectedly
      

      The only workaround I've found is to disable CSRF protection.

            Assignee: Unassigned
            Reporter: Mark Waite (markewaite)
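The failure reported above, as an added example that is not part of the original report and is not Jenkins or plugin source code: a simplified model of a crumb-checking CSRF filter applied to the two requests a smart-HTTP `git clone` sends, showing that ref discovery (GET) passes and the `git-upload-pack` POST is the request answered with 403. The `Request` class, the function names, the crumb value and the `exempt_prefixes` parameter are assumptions made for illustration; `Jenkins-Crumb` is the default Jenkins crumb field name.

```python
# Added illustration: simplified model of a crumb filter, not Jenkins code.
# Request paths follow git's smart HTTP protocol.
from dataclasses import dataclass, field

CRUMB_HEADER = "Jenkins-Crumb"  # default Jenkins crumb field name


@dataclass
class Request:
    method: str
    path: str
    headers: dict = field(default_factory=dict)


def clone_requests(repo="/userContent.git"):
    """The two requests a `git clone` over smart HTTP sends for `repo`."""
    return [
        Request("GET", f"{repo}/info/refs?service=git-upload-pack"),
        Request("POST", f"{repo}/git-upload-pack",
                {"Content-Type": "application/x-git-upload-pack-request"}),
    ]


def crumb_filter(req, csrf_enabled, valid_crumb="constructed-crumb",
                 exempt_prefixes=()):
    """Status the modelled filter returns; only POST is checked.
    `exempt_prefixes` is a hypothetical path-scoped exemption."""
    if not csrf_enabled or req.method != "POST":
        return 200
    if any(req.path.startswith(p) for p in exempt_prefixes):
        return 200
    if req.headers.get(CRUMB_HEADER) == valid_crumb:
        return 200
    return 403  # "No valid crumb was included in the request"


def simulate_clone(csrf_enabled, exempt_prefixes=()):
    """Walk the clone's requests; stop at the first rejection, as git does."""
    trace = []
    for req in clone_requests():
        status = crumb_filter(req, csrf_enabled, exempt_prefixes=exempt_prefixes)
        trace.append((req.method, req.path.split("?")[0], status))
        if status != 200:
            break
    return trace


if __name__ == "__main__":
    print(simulate_clone(csrf_enabled=True))
```

Command line git sends no crumb header, so in this model only turning the check off or exempting the repository path lets the POST through; the exemption leaves POSTs to every other path protected.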