-
Notifications
You must be signed in to change notification settings - Fork 81
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Gitlab web hook fails when Cross Site Request Forgery protection is active #30
Labels
Comments
👍 agree, will see how to accomplish it... |
Version 1.1.0 has this resolved. If the plugin version doesn't come up on Manage Plugins page, you can install manually from http://repo.jenkins-ci.org/releases/org/jenkins-ci/ruby-plugins/gitlab-hook/1.1.0/. |
Same Problem now again. |
1 similar comment
Same Problem now again. |
@daikaixian I second this |
Also found this |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When the CSRF protection is set in Jenkins security config, the web hook requests fail with this error:
This is caused by the POST request which does not use a crumb.
A simple fix could be implementing a
CrumbExclusion
in the plugin like the gitbucket plugin(see https://github.com/jenkinsci/gitbucket-plugin/blob/master/src%2Fmain%2Fjava%2Forg%2Fjenkinsci%2Fplugins%2Fgitbucket%2FGitBucketWebHook.java)
(I already opened a ticket in Jenkins JIRA JENKINS-23370; but maybe here is a better place)
The text was updated successfully, but these errors were encountered: