Loading...

This issue is archived. You can view it, but you can't modify it. Learn more

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Minor
Component/s: github-plugin
Labels:
- issue-exported-to-github
Environment:
Jenkins 2.204.1 on Linux, Github plugin 1.29.5

If you have CSRF checking turned on in Global Security Settings:

And you have the Github webhook URL overridden in Jenkins Settings:

Then each webhook payload will hit a CSRF error:

I believe this is because the url /github-webhook is hardcoded in GitHubWebHookCrumbExclusion.java.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

image-2020-02-18-13-38-47-192.png
36 kB
2020-02-18 18:38
image-2020-02-18-13-36-51-430.png
45 kB
2020-02-18 18:36
image-2020-02-18-13-35-59-338.png
152 kB
2020-02-18 18:36

Assignee:: Kirill Merkushev
Reporter:: Eric Winer

Created:: 2020-02-18 18:41
Updated:: 2025-12-09 07:19
Archived:: 2025-12-09 07:19