Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-53591

x-error header should be provided for ALL API error responses

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Minor Minor
    • core
    • None
    • Jenkins ver. 2.121.1

      While developing/extending a Hubot plugin which uses the Jenkins remote api, I noticed the 'x-error' header on responses for telling users what went wrong. It isn't always returned, though. It would be really handy to remote API users to always have an x-error header available. I don't think this should be too hard since the API is already returning the error string inside the middle of a large chunk of HTML.

      Here's an example:

      POST 403 /job/skynet/job/the-job-name/config.xml

response headers:

{ connection: 'close',
 date: 'Sat, 15 Sep 2018 00:17:31 GMT',
 'x-content-type-options': 'nosniff',
 'x-you-are-authenticated-as': 'hv-core',
 'x-you-are-in-group-disabled':
 'JENKINS-39402: use -Dhudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS=true or use /whoAmI to diagnose',
 'x-required-permission': 'hudson.model.Item.Configure',
 'x-permission-implied-by':
 'hudson.security.Permission.GenericConfigure, hudson.security.Permission.GenericUpdate, hudson.security.Permission.GenericWrite, hudson.model.Hudson.Administer',
 expires: 'Thu, 01 Jan 1970 00:00:00 GMT',
 'cache-control': 'no-cache,no-store,must-revalidate',
 'x-hudson-theme': 'default',
 'content-type': 'text/html;charset=utf-8',
 'set-cookie':
 [ 'JSESSIONID.4fc412a5=node0plyw4mi19q2wpexcmdu21pb321.node0;Path=/;HttpOnly' ],
 'x-hudson': '1.395',
 'x-jenkins': '2.121.1',
 'x-jenkins-session': '21d95bc9',
 'x-hudson-cli-port': '54901',
 'x-jenkins-cli-port': '54901',
 'x-jenkins-cli2-port': '54901',
 'x-frame-options': 'sameorigin',
 'x-instance-identity':
 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzhBNV8jwC2dTf4HoRdG01MV94FjDykB57hQxWNQtNMoj8+/hz+yFhrtuh3fI7f8fKnQlqFH9Gyoe5D7rrBqtneHxBuLd8ALI0xLxnK24Fed3Wv1Fr78ETik/QKNTvuiJx8GGYKbyLSyh6gea2i9lkCICI8uKkcKNhqo1lKY+iUh6tUtR5dcpnF5IoqTDLuM8Q7lYP+nO/oWujuT+Ph5WNuHtBNpibdc5yha63ornzx8UmtQrT12v2n4xgxZ2p6ePifecTbd+JlCI74MmBWVL7FXryT3T/2XIB7LAGI/2QX0PMNVQHRgRc0fYruYKEXfMwkHCrdwo1K+ZkU7+o58mQIDAQAB',
 'content-length': '6670',
 server: 'Jetty(9.4.z-SNAPSHOT)' }

Snippet from the returned HTML body:

<div id="main-panel"><a name="skip2content"></a><h1>Access Denied</h1><p class="error">hv-core is missing the Job/Configure permission</p></div>

       

            Unassigned Unassigned
            sr105 Harvey Chapman
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: