Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-52459

Disabling plugins in the Plugin Manager throws a JavaScript error due to permissions error

    XMLWordPrintable

Details

    • Bug
    • Status: Open (View Workflow)
    • Minor
    • Resolution: Unresolved
    • core
    • None

    Description

      When unchecking a plugin in the 'Installed' checkbox in the Plugin Manager, a JavaScript error is thrown:

      XML Parsing Error: no root element found
      Location: http://localhost:8081/pluginManager/plugin/ant/makeDisabled
      Line Number 1, Column 1:
      

      Due to empty response body.

      Attachments

        Activity

          rtyler R. Tyler Croy created issue -
          rtyler R. Tyler Croy added a comment -

          FWIw, easily reproducible with the jenkins/jenkins:lts-alpine container right now at 2.107.1

          rtyler R. Tyler Croy added a comment - FWIw, easily reproducible with the jenkins/jenkins:lts-alpine container right now at 2.107.1
          danielbeck Daniel Beck added a comment -

          The URL you're trying to access requires that requests be sent using POST (like a form submission). The button below allows you to retry accessing this URL using POST. URL being accessed:</p><p><tt>http://localhost:8081/pluginManager/plugin/ant/makeDisabled</tt

          Method Not Allowed. Weird.

          right now at 2.107.1

          I hope this is just a typo 2.121.1.

          Interestingly, this is all from https://github.com/jenkinsci/jenkins/blob/master/core/src/main/resources/hudson/PluginManager/installed.jelly and that specifically sends an AJAX POST request when toggling a button. Unclear how that could end up being GET. I also cannot reproduce this problem at all with lts-alpine at 2.121.2. In the wizwrd, I customized installed plugins, accepted the admin user, and set the root URL. Immediately afterwards I successfully disabled a plugin.

          danielbeck Daniel Beck added a comment - The URL you're trying to access requires that requests be sent using POST (like a form submission). The button below allows you to retry accessing this URL using POST. URL being accessed:</p><p><tt> http://localhost:8081/pluginManager/plugin/ant/makeDisabled </tt Method Not Allowed. Weird. right now at 2.107.1 I hope this is just a typo 2.121.1. Interestingly, this is all from https://github.com/jenkinsci/jenkins/blob/master/core/src/main/resources/hudson/PluginManager/installed.jelly and that specifically sends an AJAX POST request when toggling a button. Unclear how that could end up being GET. I also cannot reproduce this problem at all with lts-alpine at 2.121.2. In the wizwrd, I customized installed plugins, accepted the admin user, and set the root URL. Immediately afterwards I successfully disabled a plugin.
          danielbeck Daniel Beck added a comment -

          Needs steps to reproduce.

          danielbeck Daniel Beck added a comment - Needs steps to reproduce.
          danielbeck Daniel Beck made changes -
          Field Original Value New Value
          Resolution Cannot Reproduce [ 5 ]
          Status Open [ 1 ] Closed [ 6 ]
          rtyler R. Tyler Croy added a comment -

          Verified with a fresh installation of 2.121.1.

          1. Install suggested plugins
          2. Navigate to http://localhost:8080/pluginManager/installed
          3. Open the JavaScript Error Console (F12)
          4. Click the 'Ant' checkbox
          5. Observe XML parsing error because the XMLHttpRequest returned an HTML 500 page
          rtyler R. Tyler Croy added a comment - Verified with a fresh installation of 2.121.1. Install suggested plugins Navigate to http://localhost:8080/pluginManager/installed Open the JavaScript Error Console (F12) Click the 'Ant' checkbox Observe XML parsing error because the XMLHttpRequest returned an HTML 500 page
          rtyler R. Tyler Croy made changes -
          Resolution Cannot Reproduce [ 5 ]
          Status Closed [ 6 ] Reopened [ 4 ]
          danielbeck Daniel Beck added a comment -

          Via IRC, the response body is actually empty and 405 is just when looking at this in the browser error console. HTTP 500 was a typo.

          danielbeck Daniel Beck added a comment - Via IRC, the response body is actually empty and 405 is just when looking at this in the browser error console. HTTP 500 was a typo.
          danielbeck Daniel Beck made changes -
          Status Reopened [ 4 ] Open [ 1 ]
          danielbeck Daniel Beck made changes -
          Description When unchecking a plugin in the 'Installed' checkbox in the Plugin Manager, a JavaScript error is thrown:

          {code}
          XML Parsing Error: no root element found
          Location: http://localhost:8081/pluginManager/plugin/ant/makeDisabled
          Line Number 1, Column 1:
          {code}

          Appears to be due to a permissions failure:


          {code}
          <!DOCTYPE html><html><head resURL="/static/7ddd4b92" data-rooturl="" data-resurl="/static/7ddd4b92">
              

              <title>Method Not Allowed [Jenkins]</title><link rel="stylesheet" href="/static/7ddd4b92/css/layout-common.css" type="text/css" /><link rel="stylesheet" href="/static/7ddd4b92/css/style.css" type="text/css" /><link rel="stylesheet" href="/static/7ddd4b92/css/color.css" type="text/css" /><link rel="stylesheet" href="/static/7ddd4b92/css/responsive-grid.css" type="text/css" /><link rel="shortcut icon" href="/static/7ddd4b92/favicon.ico" type="image/vnd.microsoft.icon" /><link color="black" rel="mask-icon" href="/images/mask-icon.svg" /><script>var isRunAsTest=false; var rootURL=""; var resURL="/static/7ddd4b92";</script><script src="/static/7ddd4b92/scripts/prototype.js" type="text/javascript"></script><script src="/static/7ddd4b92/scripts/behavior.js" type="text/javascript"></script><script src='/adjuncts/7ddd4b92/org/kohsuke/stapler/bind.js' type='text/javascript'></script><script src="/static/7ddd4b92/scripts/yui/yahoo/yahoo-min.js"></script><script src="/static/7ddd4b92/scripts/yui/dom/dom-min.js"></script><script src="/static/7ddd4b92/scripts/yui/event/event-min.js"></script><script src="/static/7ddd4b92/scripts/yui/animation/animation-min.js"></script><script src="/static/7ddd4b92/scripts/yui/dragdrop/dragdrop-min.js"></script><script src="/static/7ddd4b92/scripts/yui/container/container-min.js"></script><script src="/static/7ddd4b92/scripts/yui/connection/connection-min.js"></script><script src="/static/7ddd4b92/scripts/yui/datasource/datasource-min.js"></script><script src="/static/7ddd4b92/scripts/yui/autocomplete/autocomplete-min.js"></script><script src="/static/7ddd4b92/scripts/yui/menu/menu-min.js"></script><script src="/static/7ddd4b92/scripts/yui/element/element-min.js"></script><script src="/static/7ddd4b92/scripts/yui/button/button-min.js"></script><script src="/static/7ddd4b92/scripts/yui/storage/storage-min.js"></script><script src="/static/7ddd4b92/scripts/hudson-behavior.js" type="text/javascript"></script><script src="/static/7ddd4b92/scripts/sortable.js" type="text/javascript"></script><script>crumb.init("Jenkins-Crumb", "cc3246d1ad1b646b5af240554d29fafd");</script><link rel="stylesheet" href="/static/7ddd4b92/scripts/yui/container/assets/container.css" type="text/css" /><link rel="stylesheet" href="/static/7ddd4b92/scripts/yui/assets/skins/sam/skin.css" type="text/css" /><link rel="stylesheet" href="/static/7ddd4b92/scripts/yui/container/assets/skins/sam/container.css" type="text/css" /><link rel="stylesheet" href="/static/7ddd4b92/scripts/yui/button/assets/skins/sam/button.css" type="text/css" /><link rel="stylesheet" href="/static/7ddd4b92/scripts/yui/menu/assets/skins/sam/menu.css" type="text/css" /><link rel="search" href="/opensearch.xml" type="application/opensearchdescription+xml" title="Jenkins" /><meta name="ROBOTS" content="INDEX,NOFOLLOW" /><meta name="viewport" content="width=device-width, initial-scale=1" /><script src="/static/7ddd4b92/jsbundles/page-init.js" type="text/javascript"></script></head><body id="jenkins" class="yui-skin-sam two-column jenkins-2.107.1" data-version="2.107.1"><a href="#skip2content" class="skiplink">Skip to content</a><div id="page-head"><div id="header"><div class="logo"><a id="jenkins-home-link" href="/"><img src="/static/7ddd4b92/images/headshot.png" alt="title" id="jenkins-head-icon" /><img src="/static/7ddd4b92/images/title.png" alt="title" width="139" id="jenkins-name-icon" height="34" /></a></div><div class="login"> <span style="white-space:nowrap"><a href="/user/admin" class="model-link inside inverse"><b>admin</b></a>
                              |
                              <a href="/logout"><b>log out</b></a></span></div><div class="searchbox hidden-xs"><form method="get" name="search" action="/pluginManager/search/" style="position:relative;" class="no-json"><div id="search-box-minWidth"></div><div id="search-box-sizer"></div><div id="searchform"><input name="q" placeholder="search" id="search-box" class="has-default-text" /> <a href="https://jenkins.io/redirect/search-box"><img src="/static/7ddd4b92/images/16x16/help.png" style="width: 16px; height: 16px; " class="icon-help icon-sm" /></a><div id="search-box-completion"></div><script>createSearchBox("/pluginManager/search/");</script></div></form></div></div><div id="breadcrumbBar"><tr id="top-nav"><td id="left-top-nav" colspan="2"><link rel='stylesheet' href='/adjuncts/7ddd4b92/lib/layout/breadcrumbs.css' type='text/css' /><script src='/adjuncts/7ddd4b92/lib/layout/breadcrumbs.js' type='text/javascript'></script><div class="top-sticker noedge"><div class="top-sticker-inner"><div id="right-top-nav"></div><ul id="breadcrumbs"><li class="item"><a href="/" class="model-link inside">Jenkins</a></li><li href="/" class="children"></li><li class="item"><a href="/pluginManager/" class=" inside">Plugin Manager</a></li><li class="separator"></li><li class="item"><a href="/pluginManager/plugin/ant/" class=" inside">Ant Plugin</a></li><li class="separator"></li></ul><div id="breadcrumb-menu-target"></div></div></div></td></tr></div></div><div id="page-body" class="clear"><div id="side-panel"></div><div id="main-panel"><a name="skip2content"></a><h1>This URL requires POST</h1><p>The URL you're trying to access requires that requests be sent using POST (like a form submission). The button below allows you to retry accessing this URL using POST. URL being accessed:</p><p><tt>http://localhost:8081/pluginManager/plugin/ant/makeDisabled&lt;/tt&gt;&lt;/p&gt;&lt;p&gt;&lt;strong&gt;If you were sent here from an untrusted source, please proceed with caution.</strong></p><form method="post" autocomplete="off" name="retry"><table width="100%"><input name="Submit" type="submit" value="Retry using POST" class="submit-button primary" /></table></form></div></div><footer><div class="container-fluid"><div class="row"><div class="col-md-6" id="footer"></div><div class="col-md-18"><span class="page_generated">Page generated: Jul 10, 2018 6:24:00 PM GMT</span><span class="jenkins_ver"><a href="https://jenkins.io/">Jenkins ver. 2.107.1</a></span><link rel='stylesheet' href='/adjuncts/7ddd4b92/jenkins/management/AdministrativeMonitorsDecorator/resources.css' type='text/css' /><script src='/adjuncts/7ddd4b92/jenkins/management/AdministrativeMonitorsDecorator/resources.js' type='text/javascript'></script><div id="visible-am-container"><a onclick="toggleVisibleAmList(event)" id="visible-am-button" href="#" title="There are 2 active administrative monitors.">2</a><div id="visible-am-list"><div class="am-message"><div class="alert alert-info">
                  New version of Jenkins (2.121.1) is available for <a href="http://updates.jenkins-ci.org/download/war/2.121.1/jenkins.war">download</a> (<a href="https://jenkins.io/changelog-stable">changelog</a>).
                  </div></div><div class="am-message"><div class="alert alert-danger" role="alert"><form method="post" action="/administrativeMonitor/jenkins.security.UpdateSiteWarningsMonitor/forward"><input name="configure" type="submit" value="Configure which of these warnings are shown" class="submit-button primary" /></form>Warnings have been published for the following currently installed components.<dl><dt>Jenkins 2.107.1 core and libraries</dt><dd><a href="https://jenkins.io/security/advisory/2018-05-09/" target="_blank">Multiple security vulnerabilities in Jenkins 2.120 and earlier, and LTS 2.107.2 and earlier</a></dd><dd><a href="https://jenkins.io/security/advisory/2018-04-11/" target="_blank">Multiple security vulnerabilities in Jenkins 2.115 and earlier, and LTS 2.107.1 and earlier</a></dd></dl></div></div><p style="text-align: center; margin: 10px 0 0 0;"><a onclick="document.location.href='/manage';" href="/manage">Manage Jenkins</a></p></div></div><script type="text/javascript">
                      document.getElementById("header").appendChild(document.getElementById("visible-am-container"));
                  </script></div></div></div></footer></body></html>
          {code}
          When unchecking a plugin in the 'Installed' checkbox in the Plugin Manager, a JavaScript error is thrown:
          {code:java}
          XML Parsing Error: no root element found
          Location: http://localhost:8081/pluginManager/plugin/ant/makeDisabled
          Line Number 1, Column 1:
          {code}
          Due to empty response body.

          People

            Unassigned Unassigned
            rtyler R. Tyler Croy
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: