[
https://issues.jenkins-ci.org/browse/JENKINS-13038?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
jieryn updated JENKINS-13038:
-----------------------------
Assignee: (was: jieryn)
Component/s: core
(was: html5-notifier)
> HTML5 notifier plugin breaks Jenkins with CSRF protection
> ---------------------------------------------------------
>
> Key: JENKINS-13038
> URL: https://issues.jenkins-ci.org/browse/JENKINS-13038
> Project: Jenkins
> Issue Type: Bug
> Components: core
> Environment: Jenkins 1.454
> HTML5 Notifier Plugin 1.1
> Reporter: mdp
> Priority: Critical
>
> The prototype-1.7.js version included in the plugin replaces code from the
> patched Prototype included in core Jenkins.
> Result: with notifiers and CSRF protection enabled POSTs fail with 403.
> One easily visible example: trying to disable an installed plugin results in
> Status Code: 403
> Exception: No valid crumb was included in the request
> displayed where the restart button should appear.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jenkins-ci.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
