[JENKINS-34350] Fix POST to /git/notifyCommit with CSRF protection on

Inspired by jenkinsci/github-plugin@5c2a041
jenkinsci · Apr 21, 2017 · 8ac8cc9e89809132355d701586babb9c19f1b88c · 8ac8cc9
1 parent bc51d27
commit 8ac8cc9e89809132355d701586babb9c19f1b88c
Unified Split

Showing with 32 additions and 0 deletions.

+32 −0 src/main/java/hudson/plugins/git/GitStatusCrumbExclusion.java
diff --git a/src/main/java/hudson/plugins/git/GitStatusCrumbExclusion.java b/src/main/java/hudson/plugins/git/GitStatusCrumbExclusion.java
@@ -0,0 +1,32 @@
+  
+package hudson.plugins.git;
+  
+
+  
+import hudson.Extension;
+  
+import hudson.security.csrf.CrumbExclusion;
+  
+
+  
+import javax.servlet.FilterChain;
+  
+import javax.servlet.ServletException;
+  
+import javax.servlet.http.HttpServletRequest;
+  
+import javax.servlet.http.HttpServletResponse;
+  
+import java.io.IOException;
+  
+
+  
+/**
+  
+ * Make POST to /git/notifyCommit work with CSRF protection on.
+  
+ */
+  
+@Extension
+  
+public class GitStatusCrumbExclusion extends CrumbExclusion {
+  
+
+  
+    @Override
+  
+    public boolean process(HttpServletRequest req, HttpServletResponse resp, FilterChain chain)
+  
+            throws IOException, ServletException {
+  
+        String pathInfo = req.getPathInfo();
+  
+        if (pathInfo != null && pathInfo.equals(getExclusionPath())) {
+  
+            chain.doFilter(req, resp);
+  
+            return true;
+  
+        }
+  
+        return false;
+  
+    }
+  
+
+  
+    public String getExclusionPath() {
+  
+        return "/git/notifyCommit";
+  
+    }
+  
+}