Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-23020

Manage->Cancel Shutdown requests POST method and even POST fails due to invalid crumb if CSRF protection is enabled

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Critical Critical
    • core
    • Windows Server 2008R2, 64bit, JDK 7u55

      When trying to cancel shutdown mode via

      Manage->Cancel Shutdown
      or
      Cancel link of Build Queue

      Jenkins shows

      POST is required for jenkins.model.Jenkins.doCancelQuietDown

      together with a Try POSTing button.

      If the Try POSTing button is pressed cancel is working with CSRF protection disabled.

      But with CSRF protection enabled (in Manage->Configure Global Security) after the Try POSTing button Jenkins shows

      Invalid Crumb

      error which effectively means there is currently no way to cancel from shutdown mode if CSRF protection is enabled.

            Unassigned Unassigned
            klou Kurt
            Votes:
            4 Vote for this issue
            Watchers:
            9 Start watching this issue

              Created:
              Updated:
              Resolved: