← Back to team overview

python-jenkins-developers team mailing list archive

  1. python-jenkins-developers team
  2. Mailing list archive
  3. Message #00645

[Bug 1732464] Re: Add CSRF token support

  Thread PreviousDate PreviousThread Next 
I am also having this issue with Jenkins 2.249.2.  Submitting a build
using the python-jenkins module results in a 403 error from Jenkins
which is behind an nginx proxy.  The same request submitted using the
HTTP GET method *will* work as shown below.

# 997  curl -v -X POST
'https://jenkins.example.com/job/openssh/buildWithParameters?cause=Test+Build&REPO=git%3A%2F%2Fpagure.example.com%2Fpuppet%2Fopenssh.git&BRANCH=master&BRANCH_TO=ssh_template_test&token=0KNNDFLIGOBW5WYOP7GBG5TZ4ZZO0WPB'

# 998  curl -v -X GET
'https://jenkins.example.com/job/openssh/buildWithParameters?cause=Test+Build&REPO=git%3A%2F%2Fpagure.example.com%2Fpuppet%2Fopenssh.git&BRANCH=master&BRANCH_TO=ssh_template_test&token=0KNNDFLIGOBW5WYOP7GBG5TZ4ZZO0WPB'

#10.201.64.43 - - [13/Oct/2020:08:53:28 -0400] "GET
/job/openssh/buildWithParameters?cause=Test+Build&REPO=git%3A%2F%2Fpagure.example.com%2Fpuppet%2Fopenssh.git&BRANCH=master&BRANCH_TO=ssh_template_test&token=0KNNDFLIGOBW5WYOP7GBG5TZ4ZZO0WPB
HTTP/1.1" 201 5 "-" "curl/7.29.0" "-"

#10.201.64.43 - - [13/Oct/2020:08:53:11 -0400] "POST
/job/openssh/buildWithParameters?cause=Test+Build&REPO=git%3A%2F%2Fpagure.example.com%2Fpuppet%2Fopenssh.git&BRANCH=master&BRANCH_TO=ssh_template_test&token=0KNNDFLIGOBW5WYOP7GBG5TZ4ZZO0WPB
HTTP/1.1" 403 578 "-" "curl/7.29.0" "-"

I also created a simple test script based on the lib_ci.py module from
pagure which also receives a 403 error when submitting a build.  The
script is attached for reference.




** Attachment added: "python-jenkins test script"
   https://bugs.launchpad.net/python-jenkins/+bug/1732464/+attachment/5421729/+files/jenkins_test.txt

** Also affects: jenkins (CentOS)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Python
Jenkins Developers, which is subscribed to Python Jenkins.
https://bugs.launchpad.net/bugs/1732464

Title:
  Add CSRF token support

Status in Python Jenkins:
  New
Status in jenkins package in CentOS:
  New

Bug description:
  Hi everyone,
  we faced an issue with enable CSRF protection in Jenkins 2.89.
  If we have this protection enabled call of build_job function from Python Jenkins fails with no error output. Call ends successfully without any log message, error or something like that. But no pipeline was triggered in Jenkins.

  Disabling the protection in Jenkins will fix everything.

  Do you have any plan to implement this feature? I can implement on my
  own too, i just want to ask if there is any existing way to fix it.

  Thanks for your attention.

To manage notifications about this bug go to:
https://bugs.launchpad.net/python-jenkins/+bug/1732464/+subscriptions

References

  Thread PreviousDate PreviousThread Next