Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-55710

Sidebar-Link plugin file upload blocked by CSRF protection

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Minor
    • Resolution: Unresolved
    • Component/s: sidebar-link-plugin
    • Labels:
    • Environment:
      Ubuntu 18
      Kubernetes 1.11
      Jenkins version 2.150.1
      sidebar-link-plugin 1.10
      Chrome Version 71.0.3578.98 (Official Build) (64-bit)
    • Similar Issues:

      Description

      When on the /configure page when trying to upload a new image to /userContent using the sidebar-link plugin the following error is generated.

      HTTP ERROR 403
      Problem accessing /plugin/sidebar-link/upload. Reason:
      No valid crumb was included in the request
      Powered by Jetty:// 9.4.z-SNAPSHOT

       

      The result of this error is due to CSRF protection in Jenkins 2.x.  The current workaround is for a user to complete the following steps:

      • Visit /configureSecurity page
      • Disable Prevent Cross Site Request Forgery exploits ** temporarily
      • Visit /configure upload the image desired

       

        Attachments

          Activity

          There are no comments yet on this issue.

            People

            • Assignee:
              Unassigned
              Reporter:
              bcherrin Bradley Herrin
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: