![]() |
|
|
|
|
Issue Type:
|
![Bug]() Bug
|
|
Assignee:
|
Jesse Glick
|
|
Components:
|
core |
|
Created:
|
21/Feb/13 8:39 PM
|
|
Description:
|
When a GET request is sent to a resource which (generally for security reasons) requires POST, an appropriate response code should be sent, so that clients such as python-jenkins may properly report the error.
- Most such web methods use @RequirePOST, for which currently a 500 is sent because org.kohsuke.stapler.interceptor.RequirePOST$Processor simply throws IllegalAccessException.
- Build-like requests use BuildAuthorizationToken which forwards to requirePOST.jelly with a 200, which is no good. (If a token is supplied but is incorrect, it more reasonably sends a 403, via AccessDeniedException.)
Both cases should probably send a 405 ("Method Not Allowed") with Allow: POST, though a 403 would not be inappropriate for the latter case since under some circumstances GET is still allowed for compatibility.
|
|
Project:
|
Jenkins
|
|
Priority:
|
![Minor]() Minor
|
|
Reporter:
|
Jesse Glick
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
[email protected].
For more options, visit
https://groups.google.com/groups/opt_out.
