Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-72520

Http Request plugin Multipart form does not set boundaries for multipart

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Blocker Blocker
    • http-request-plugin
    • None
    • Jenkins 2.393

      I'm trying to POST an XML file (OWASP ZAP Report) to an external service (OWASP Defect Dojo), using a shared Jenkins library. A curl-command (see below) for POST-ing the XML file works fine. But I have a hard time translating that into Jenkins' Http Request plugin, so we can include it in a reusable Jenkins shared library.

      This results in the following response:

       

      Response Code: HTTP/1.1 400 Bad Request
Response: 
{"detail":"Multipart form parse error - Invalid boundary in multipart: None"}

      Is this a bug or am I missing something?

       

       

      curl command:

       

      curl -X 'POST' \
  'http:<server>:8080/api/v2/import-scan/' \
  -H 'accept: application/json' \
  -H 'Content-Type: multipart/form-data' \
  -H 'X-CSRFToken: <token>' \
  -H 'Authorization: Token <token>' \
  -F 'scan_date=2023-11-20' \
  -F 'minimum_severity=Info' \
  -F 'active=true' \
  -F 'verified=true' \
  -F 'scan_type=ZAP Scan' \
  -F 'file=@zapreport.xml;type=text/xml' \
  -F 'product_name=Test project' \
  -F 'engagement_name=Test engagement' \
  -F 'close_old_findings=false' \
  -F 'close_old_findings_product_scope=false' \
  -F 'push_to_jira=false' \
  -F 'create_finding_groups_for_all_findings=true'

       

       

      Jenkins Groovy code:

              ResponseContentSupplier response = steps.httpRequest url: "${env.DEFECT_DOJO_HOST_URL}${api}",
                acceptType: 'APPLICATION_JSON',
                contentType: 'APPLICATION_FORM_DATA',
                httpMode: 'POST',
                uploadFile: 'zapreport.xml',
                multipartName: 'zapreport.xml',
                customHeaders: customHeadersDummy(authHeader, headers), // Includes auth-token
                formData: [[body: '''{
    "product_name": "Dummy project",
    "engagement_name": "Dummy Engagement",
    "scan_date": "2023-11-20",
    "minimum_severity": "Info",
    "active": "true",
    "verified": "true",
    "scan_type": "ZAP Scan",
    "close_old_findings": "false",
    "close_old_findings_product_scope": "false",
    "push_to_jira": "false",
    "create_finding_groups_for_all_findings": "true"
}''',
                 contentType: 'text/xml',
                 fileName: 'zapreport.xml',
                 name: 'zapreport.xml',
                 uploadFile: 'zapreport.xml']],
                 consoleLogResponseBody: true,
                responseHandle: 'NONE',
                timeout: null
                wrapAsMultipart: false

       

            janario Janario Oliveira
            brampat Bram
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: