[JIRA] (JENKINS-59187) node-sharing-plugin: fails to use crumb correctly since Jenkins 2.176

3 views
Skip to first unread message

james.dingwall@zynstra.com (JIRA)

unread,
Sep 2, 2019, 9:39:02 AM9/2/19
to jenkinsc...@googlegroups.com
James Dingwall created an issue
 
Jenkins / Bug JENKINS-59187
node-sharing-plugin: fails to use crumb correctly since Jenkins 2.176
Issue Type: Bug Bug
Assignee: Scott Hebert
Components: node-sharing-plugin
Created: 2019-09-02 13:38
Environment: node-sharing-plugin 2.0.4
 jenkins 2.176.3
Labels: plugin
Priority: Minor Minor
Reporter: James Dingwall

In the jenkins log:

WARNING: No valid crumb was included in request for /cloud/NodeSharing-<id>/api/reportUsage by nsp-user. Returning 403.

I believe this is being triggered by https://jenkins.io/doc/upgrade-guide/2.176/#SECURITY-626

The crumb that is issued can only be used in a single session but no session handling is present in the nsp code.
Add Comment Add Comment
 
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

james.dingwall@zynstra.com (JIRA)

unread,
Sep 3, 2019, 5:13:02 AM9/3/19
to jenkinsc...@googlegroups.com
James Dingwall updated an issue
Change By: James Dingwall
In the jenkins log:

WARNING: No valid crumb was included in request for /cloud/NodeSharing-<id>/api/reportUsage by nsp-user. Returning 403.

I believe this is being triggered by [ https://jenkins.io/doc/upgrade-guide/2.176/#SECURITY-626 ]

The crumb that is issued can only be used in a single session but no session handling is present in the nsp code.


This also affects the 'Test connection' from the executor to the orchestrator.
Reply all
Reply to author
Forward
0 new messages