-
Type:
Bug
-
Resolution: Unresolved
-
Priority:
Minor
-
Component/s: github-plugin
-
Environment:Jenkins 2.204.1 on Linux, Github plugin 1.29.5
If you have CSRF checking turned on in Global Security Settings:
Â
And you have the Github webhook URL overridden in Jenkins Settings:
Then each webhook payload will hit a CSRF error:
I believe this is because the url /github-webhook is hardcoded in GitHubWebHookCrumbExclusion.java.
