jenkinsci / generic-webhook-trigger-plugin

Can receive any HTTP request, extract any values from JSON or XML and trigger a job with those values available as variables. Works with GitHub, GitLab, Bitbucket, Jira and many more.
https://plugins.jenkins.io/generic-webhook-trigger

"jenkins" found in public facing error message #235

rene00 closed 2 years ago

rene00 commented 2 years ago

When sending a "dummy" request to the generic-webhook-trigger endpoint, "jenkins" is found in the response:

$ curl -v https://example.org/generic-webhook-trigger/invoke
[...]
{"jobs":null,"message":"Did not find any jobs with GenericTrigger configured! If you are using a token, you need to pass it like ...trigger/invoke?token=TOKENHERE. If you are not using a token, you need to authenticate like http://user:passsword@jenkins/generic-webhook... "}

This could be considered leaking information about the software that the endpoint runs to potential attackers.

tomasbjerre commented 2 years ago

Merged and released now.