Thank you for that. But the way I read that is as a warning: subject to CSRF problems, be warned. I don't see any indication that GET has been disabled.
What am I not seeing? Thank you On Wednesday, May 18, 2022 at 2:48:31 PM UTC-5 [email protected] wrote: > On Wed, May 18, 2022 at 9:01 PM [email protected] <[email protected]> > wrote: > >> On Jenkins 1.x we can call scriptlet entries using GET. >> On Jenkin 2.x, any GET attempts are being returned with an error that >> they must be done via POST >> > > That's a security fix. See > https://www.jenkins.io/security/advisory/2017-04-10/#script-management-vulnerable-to-cross-site-request-forgery-attacks-in-scriptler-plugin > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/c43feebb-51bb-4d5d-8f62-8cbe91d2e40fn%40googlegroups.com.
