node-jenkins-api icon indicating copy to clipboard operation
node-jenkins-api copied to clipboard
verified publisher icon jansepar

Need to support CSRF protection

Open jaxley opened this issue 9 years ago • 1 comments

Tried this against jenkins 2.7.1 which by default is configured securely with "Prevent Cross Site Request Forgery exploits" enabled (e.g. the create_job api). This blows up with a 403 unauthorized error because the API client is not aware of the token and is not submitting it.

See https://wiki.jenkins-ci.org/display/JENKINS/Remote+access+API#RemoteaccessAPI-CSRFProtection

jaxley avatar Aug 02 '16 17:08 jaxley

@jaxley see my quick fix #58

galenzhao avatar Jul 16 '17 13:07 galenzhao