-
-
Notifications
You must be signed in to change notification settings - Fork 8.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[JENKINS-34254] Fix RequirePOST form #3187
Conversation
core/pom.xml
Outdated
@@ -39,7 +39,7 @@ THE SOFTWARE. | |||
|
|||
<properties> | |||
<staplerFork>true</staplerFork> | |||
<stapler.version>1.253</stapler.version> | |||
<stapler.version>1.254-SNAPSHOT</stapler.version> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
staged release would be nice, but IIUC Stapler settings need to be patched for that
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nope. Add to your ~/.bashrc
:
alias deploysnapshot='mvn clean install source:jar deploy:deploy -DaltDeploymentRepository=maven.jenkins-ci.org::default::https://repo.jenkins-ci.org/snapshots/'
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jglick This still doesn't result in a consistent date for every artifact, which is the reason I used -SNASPSHOT
rather than changing all the uses of stapler.version
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
1.254 released with just this change, please update.
blurb = The URL you're trying to access requires that requests be sent using POST (like a form submission). \ | ||
The button below allows you to retry accessing this URL using POST. \ | ||
URL being accessed: | ||
warning = If you were sent here from an untrusted source, please proceed with caution. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not sure why, but GitHub UI does not recognize it as a new variable. Maybe :
needs to be escaped
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am guessing Linguist is not very good at parsing line escapes in properties files.
<?jelly escape-by-default='true'?> | ||
<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form"> | ||
|
||
<l:layout norefresh="true" title="${%Method Not Allowed}"> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does it still need norefresh
? IIRC no
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually I am wrong. #2979 has not been integrated yet
core/pom.xml
Outdated
@@ -39,7 +39,7 @@ THE SOFTWARE. | |||
|
|||
<properties> | |||
<staplerFork>true</staplerFork> | |||
<stapler.version>1.253</stapler.version> | |||
<stapler.version>1.254-SNAPSHOT</stapler.version> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nope. Add to your ~/.bashrc
:
alias deploysnapshot='mvn clean install source:jar deploy:deploy -DaltDeploymentRepository=maven.jenkins-ci.org::default::https://repo.jenkins-ci.org/snapshots/'
blurb = The URL you're trying to access requires that requests be sent using POST (like a form submission). \ | ||
The button below allows you to retry accessing this URL using POST. \ | ||
URL being accessed: | ||
warning = If you were sent here from an untrusted source, please proceed with caution. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am guessing Linguist is not very good at parsing line escapes in properties files.
${%blurb} | ||
</p> | ||
<p><tt>${requestURL}</tt></p> | ||
<p><strong>${%warning}</strong></p> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we check the Referer
[sic]?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Check how? Or do you mean we should just print the referer as well, in addition to the URL?
[JENKINS-34254] Fix RequirePOST form (cherry picked from commit 76c9f8b)
See JENKINS-34254.
Downstream of jenkinsci/stapler#135. Alternative to #3186.
SNAPSHOT
dependency on Stapler because I couldn't figure out how to handle the different dates in each stapler component other than not using thestapler.version
property at all.Proposed changelog entries
Submitter checklist
* Use the
Internal:
prefix if the change has no user-visible impact (API, test frameworks, etc.)Desired reviewers
@jenkinsci/code-reviewers