Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-55710

Sidebar-Link plugin file upload blocked by CSRF protection


    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • sidebar-link-plugin
    • Ubuntu 18
      Kubernetes 1.11
      Jenkins version 2.150.1
      sidebar-link-plugin 1.10
      Chrome Version 71.0.3578.98 (Official Build) (64-bit)

      When on the /configure page when trying to upload a new image to /userContent using the sidebar-link plugin the following error is generated.

      HTTP ERROR 403
      Problem accessing /plugin/sidebar-link/upload. Reason:
      No valid crumb was included in the request
      Powered by Jetty:// 9.4.z-SNAPSHOT


      The result of this error is due to CSRF protection in Jenkins 2.x.  The current workaround is for a user to complete the following steps:

      • Visit /configureSecurity page
      • Disable Prevent Cross Site Request Forgery exploits ** temporarily
      • Visit /configure upload the image desired


            kon Kalle Niemitalo
            bcherrin Bradley Herrin
            0 Vote for this issue
            2 Start watching this issue