[JIRA] [gitlab-hook] (JENKINS-23370) Gitlab web hook fails when Cross Site Request Forgery protection is active

jean-christophe.si...@cryptolog.com (JIRA) Mon, 09 Jun 2014 16:40:35 -0700

Jean-Christophe Sirot created

Gitlab web hook fails when Cross Site Request Forgery protection is active

Issue Type:	Bug
Affects Versions:	current
Assignee:	Unassigned
Components:	gitlab-hook
Created:	09/Jun/14 9:39 AM
Description:	When the CSRF protection is set, the web hook requests fail with Jun 9, 2014 9:31:58 AM hudson.security.csrf.CrumbFilter doFilter WARNING: No valid crumb was included in request for /gitlab/notify_commit. Returning 403. because the POST request does not use a crumb. The plugin should implement a `CrumbExclusion` like the gitbucket plugin (see https://github.com/jenkinsci/gitbucket-plugin/blob/master/src%2Fmain%2Fjava%2Forg%2Fjenkinsci%2Fplugins%2Fgitbucket%2FGitBucketWebHook.java)
Project:	Jenkins
Priority:	Blocker
Reporter:	Jean-Christophe Sirot

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira

--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[JIRA] [gitlab-hook] (JENKINS-23370) Gitlab web hook fails when Cross Site Request Forgery protection is active

Reply via email to