Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-59203

Upgrading Jenkins to 2.176.3 breaks service hooks integration with Visualstudio.com

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Not A Defect
    • Icon: Minor Minor
    • core
    • None
    • Jenins 2.176.3, TFS, Strict Crumb Issuer

      This issue was introduced when upgrading from Jenkins version 2.176.2 to 2.176.3. I believe this is related to the change referred https://jenkins.io/security/advisory/2019-08-28/, under CSRF protection [...].

      Our development team is using visualstudio.com and have up til now used service hooks there, to trigger builds in jenkins. When upgrading to the latest version of jenkins these service hooks fail, referring to an invalid crumb.

      I have tried installing and using the "strict crumb issuer" plugin, but that does not seem to work at all with the service hooks from VS. Disabling CSRF seem to "fix the problem", but that is obviously not an option.

      Please advice.

            Unassigned Unassigned
            myrdrahl Even Juberg
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: