ToShared
commented
3 years ago I solved this problem
The higher version of Jenkins opens CRFS by default
run this shell hudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION = true
Open ToShared opened 3 years ago
ToShared
commented
3 years ago I solved this problem
The higher version of Jenkins opens CRFS by default
run this shell hudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION = true
Master-An
commented
3 years ago @ToShared Where should I run that shell command?
cmoulliard
commented
3 years ago Where should I run that shell command?
Here http://localhost:8080/script
pinguo-zhouwei
commented
3 years ago To disable CSRF, it can be done with groovy, open "Manage Jenkins" / "Script Console"
import jenkins.model.Jenkins
def instance = Jenkins.instance
instance.setCrumbIssuer(null)
Likqez
commented
3 years ago Problem persists after executing both scripts on 2,280. Any updates?
WilliamChen-luckbob
commented
3 years ago New feedback, I'm using Jenkins version 2.289.1, met the same issue and solved by running shell
hudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION = true
thanks a lot!
phene
commented
2 years ago Why do people think disabling CSRF protection is an acceptable workaround? We should not have to reduce our security posture just to use this API client.
szylmzs
commented
1 year ago will this project update for CSRF? I meet same issue when build job
szylmzs
commented
1 year ago resolved generate a user token from jenkins panel and new JenkinsServer() with username and token
JenkinsServer jenkins = new JenkinsServer(new URI("url"), JENKINS_USERNAME, JENKINS_PASSWORD);if (jenkins.isRunning()) { jenkins.getJob(JENKINS_JOB).build(); System.out.println(jenkins.getJob(JENKINS_JOB).getLastBuild().details().getResult()); }i set the correct username and password. but still status code: 403, reason phrase: Forbiddenthe jenkins user is super admin